On Thu, May 29, 2008 at 10:08:02PM +0200, Frans Pop wrote: > So basically this is what needs to be done to get uploads for daily D-I > builds working again for remaining architectures. > Does anybody who has a build running want to coordinate that? Maybe setup a > (more) common system for it? I'm willing to coordinate if that will help. I just emailed weasel to find out what the procedure should be. Thanks, Stephen > ---------- Forwarded Message ---------- > Subject: on .ssh/authorized_keys files > Date: Thursday 29 May 2008 > From: Peter Palfrader <weasel@debian.org> > To: debian-infrastructure-announce@lists.debian.org > > The use of ~user/.ssh/authorized_keys files has been disabled since > DSA1571 was announced. While our initial plan was to allow them > again eventually some bad experience with DDs' key handling has > led us to reconsider that intent. > > So ~user/.ssh/authorized_keys will remain disabled. > > If you want to login to debian.org hosts using keys you should send them > to the LDAP as outlined at <URL:https://db.debian.org/doc-mail.html>, > which allows us to do at least some quality control. > > Should you need keys only on specific hosts for automated tasks like > updating stuff or syncing files between project machines or similar > we can enable a user editable authorized_keys file for specific users > on specific hosts. Usually we would expect those keys to be limited > to use only from certain hosts (using from="<xyz>") and limited to > allow execution of only certain commands (using command="<foobar"). > Contact DSA if you have such a case. > > Your sysadmins > ------------------------------------------------------- -- Stephen R. Marenka If life's not fun, you're not doing it right! <stephen@marenka.net>
Attachment:
signature.asc
Description: Digital signature