On Wed, 12 Oct 2011 13:53:34 -0400 Digimer <linux@xxxxxxxxxxx> wrote: > On 10/12/2011 12:44 PM, Kevin Fenzi wrote: > > Subject: IMPORTANT: Mandatory password and ssh key change by > > 2011-11-30 > > > > Summary: > > > > All existing users of the Fedora Account System (FAS) at > > https://admin.fedoraproject.org/accounts are required to change > > their password and upload a NEW ssh public key before 2011-11-30. > > Failure to do so may result in your account being marked inactive. > > Passwords changed and NEW ssh public keys uploaded after 2011-10-10 > > will meet this requirement. > > I'd like to add my voice to the concern about requiring new public > keys. I can appreciate the desire for security, but forcing new SSH > keys accomplishes nothing of practical use. Quite the contrary; It > induces a fair hardship of those of us with keys configured on many > other systems. I'm sorry it's causing you hassle. It does accomplish some practical gain, IMHO. You can use a separate key for Fedora machines if that makes things easier for you. Or you could document and determine now when you aren't in a hurry (the deadline is 1.5 months away) what hosts you need to change and that your private key wasn't accidentally backed up to them. > The idea of maintaining a second set of keys for Fedora (and again > for any other projects that follow suit) is, I'd argue, unreasonably > burdensome. I'm sorry you think so. You don't have to take that tack if you don't like. kevin
Attachment:
signature.asc
Description: PGP signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
