Re: people.debian.org to move to ravel
On Mon, 01 Sep 2008, Lionel Elie Mamane wrote:
> > It is. Limiting an attacker's ability to easily jump from one
> > compromised box to another is something we really want to have. Not
> > tomorrow, but eventually.
> I'm not sure the no-passwords policy helps much by itself; I get the
> impression people will just put a ssh key in their homes on Debian
> machines and add it to the authorized keys in LDAP.
Should DSA learn of this they will have had an account on debian.org
hardware for the longest time, just like storing your gpg key on d.o
hardware will result in it being removed from the keyring for good.
| .''`. ** Debian GNU/Linux **
Peter Palfrader | : :' : The universal
http://www.palfrader.org/ | `. `' Operating System
| `- http://www.debian.org/