Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: seth vidal <skvidal <at> fedoraproject.org>
Subject: Change in allowed-files policy on all fedora-maintained hosts
Newsgroups: gmane.linux.redhat.fedora.core.announce
Date: Friday 30th September 2011 04:17:16 UTC (over 5 years ago)
In an ongoing effort to improve our security we have decided to disallow
any ssh private keys from being housed on any fedora-maintained system.
No user should have ever needed to upload an ssh private key, the public
keys are, of course just fine and required. However, on the off-chance
that someone has done this, we'll be performing audits of user homedirs
looking for ssh private keys.

If we find them we'll remove them and then remove the owning-user's ssh
public key from the Fedora Account System (FAS), forcing them to upload
a new one. We're taking this additional step to make sure that the
public key in FAS is not vulnerable due to their private key being
potentially exposed on a shared system.

You can refer to the allowable content section of the fedorapeople faq.
https://fedoraproject.org/wiki/Infrastructure/fedorapeople.org#Allowable_content

These rules (and more), apply to our administrative systems and home
directories.

Thank You,
Fedora Infrastructure Team




-- 
announce mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/announce
 
CD: 4ms