[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: people.debian.org to move to ravel

On Mon, 01 Sep 2008, Lionel Elie Mamane wrote:

> > It is.  Limiting an attacker's ability to easily jump from one
> > compromised box to another is something we really want to have.  Not
> > tomorrow, but eventually.
> I'm not sure the no-passwords policy helps much by itself; I get the
> impression people will just put a ssh key in their homes on Debian
> machines and add it to the authorized keys in LDAP.

Should DSA learn of this they will have had an account on debian.org
hardware for the longest time, just like storing your gpg key on d.o
hardware will result in it being removed from the keyring for good.

                           |  .''`.  ** Debian GNU/Linux **
      Peter Palfrader      | : :' :      The  universal
 http://www.palfrader.org/ | `. `'      Operating System
                           |   `-    http://www.debian.org/

Reply to: