[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian maintainers' ssh keys

Peter Palfrader writes ("Re: Debian maintainers' ssh keys"):
> On Sun, 05 Jul 2015, Ian Jackson wrote:
> > However, DMs currently do not have access to it because the backend
> > service is accessed via ssh.[1]
> > 
> > To solve this problem it is necessary to have a list of DMs' ssh
> > keys, and make them authorised the same way DDs' keys are[2] for the
> > dgit service user on gideon.debian.org.
> DSA isn't opposed to adding NMs to LDAP.  If NM/keyring-maint is ok with
> that and files appropriate ticket and/or reassigns them accordingly,
> maybe that's an easy route?

That would certainly work for me.

(Note that for the purposes of the dgit service it doesn't matter if
the set of people granted the restricted command ssh access to the
dgit@ service user is slightly too large.  The real access control is
based on PGP-signed tags, checked against the keyrings and dm.txt.)


Reply to: