On Sun, 2008-09-21 at 17:12 +1000, David Timms wrote:
> Hi, I've recently been trying to do package development from my notebook
> PC, rather than my desktop PC {which has all the ssh certs,
> own/fedora/fedara certs, and the client side certificate}.
>
> To use a second development machine is it necessary and sufficient to:
> cp from my account on original desktop:
> - .ssh/id_rsa.pub
Not required unless you want to set up other machines for entry with the
same key.
> If I have all the same key/certs on the notebook, what are the security
> implications if the machine is stolen {and obtained by someone with
> malicious ideas} etc ?
1) Your passphrase can be brute-forced, thereby possibly gaining some
knowledge about your passphrases in general.
2) Someone can act as you in koji, both in the browser and in the
command line ("Beware criminals requeueing packages").
--
Ignacio Vazquez-Abrams <ivazqueznet@xxxxxxxxx>
PLEASE don't CC me; I'm already subscribed
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
