Re: Debian maintainers' ssh keys

To: Peter Palfrader <weasel@debian.org>
Cc: debian-newmaint@lists.debian.org, debian-admin@lists.debian.org, keyring-maint@debian.org
Subject: Re: Debian maintainers' ssh keys
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Mon, 6 Jul 2015 11:47:18 +0100
Message-id: <[🔎] 21914.23734.815364.480743@chiark.greenend.org.uk>
In-reply-to: <[🔎] 20150705194329.GA15758@anguilla.noreply.org>
References: <[🔎] 21912.30550.226844.122703@chiark.greenend.org.uk> <[🔎] 20150705194329.GA15758@anguilla.noreply.org>

Peter Palfrader writes ("Re: Debian maintainers' ssh keys"):
> On Sun, 05 Jul 2015, Ian Jackson wrote:
> > However, DMs currently do not have access to it because the backend
> > service is accessed via ssh.[1]
> > 
> > To solve this problem it is necessary to have a list of DMs' ssh
> > keys, and make them authorised the same way DDs' keys are[2] for the
> > dgit service user on gideon.debian.org.
> 
> DSA isn't opposed to adding NMs to LDAP.  If NM/keyring-maint is ok with
> that and files appropriate ticket and/or reassigns them accordingly,
> maybe that's an easy route?

That would certainly work for me.

(Note that for the purposes of the dgit service it doesn't matter if
the set of people granted the restricted command ssh access to the
dgit@ service user is slightly too large.  The real access control is
based on PGP-signed tags, checked against the keyrings and dm.txt.)

Ian.

Reply to:

References:
- Debian maintainers' ssh keys
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: Debian maintainers' ssh keys
  - From: Peter Palfrader <weasel@debian.org>

Prev by Date: Report for 'Debian Developer, uploading' applicant Carsten Leonhardt
Next by Date: Re: Debian maintainers' ssh keys
Previous by thread: Re: Debian maintainers' ssh keys
Next by thread: Re: Debian maintainers' ssh keys
Index(es):
- Date
- Thread