From Fedora Project Wiki

< FWN‎ | Beats

 
(67 intermediate revisions by 4 users not shown)
Line 6: Line 6:
http://fedoraproject.org/wiki/Infrastructure
http://fedoraproject.org/wiki/Infrastructure


Contributing Writer:  HuzaifaSidhpurwala
Contributing Writer:  [[HuzaifaSidhpurwala|Huzaifa Sidhpurwala]]


=== OpenID and CLA ===  
=== Intrusion update ===
[[MikeMcGrath| Mike McGrath]] sent a link <ref>https://www.redhat.com/archives/fedora-announce-list/2009-March/msg00010.html</ref> to the list about the intrusion which was sent to the fedora-announce-list earlier.<ref>https://www.redhat.com/archives/fedora-infrastructure-list/2009-March/msg00277.html</ref>


Karsten Wade writes for fedora-infrastructure-list [1]
Mike said that he was waiting to discuss authentication mechanisms for the fedora-servers, Since passwords+ssh keys are not the most secure authentication mechanism. Also it seems that fedora does not have the budget for any RSA token like system for authentication.


If we want to move our OpenID acceptance outside of Fedora's OpenID server, we'll have a blocker with the CLA.  AIUI, we need someone to knowingly accept the CLA and have that tied to a Real Name and email address in our database.  
There was a lot of discussion on this thread, with various people proposing different authentication mechanisms which could be used.


[1] https://www.redhat.com/archives/fedora-infrastructure-list/2008-May/msg00233.html
[[Dennis Gilmore|DennisGilmore]] started a similar thread about Auth Mechanims<ref>https://www.redhat.com/archives/fedora-infrastructure-list/2009-March/msg00294.html</ref> on which he discussed using etoken or Yubikey for authentication.
It was a two factor authentication and therefore was more secure than passphrase or ssh keys.


 
<references/>
=== Logging #fedora-meeting ===
 
Mike McGrath writes for fedora-infrastructure-list [2]
 
There's been some requests to log #fedora-meeting automatically.  There's technical issues there like where to store them, is there a way to auto start / stop meetings, etc. In this thread there was some discussion on what bot to use etc.
 
 
[2] https://www.redhat.com/archives/fedora-infrastructure-list/2008-May/msg00244.html
 
 
=== OpenID ===
 
Mike McGrath writes for fedora-infrastructure-list [3]
 
The last little bits are in good shape for the OpenID provider we're attempting to be.  Don't go announcing this to others yet.Lets test it out, if it breaks something let us know.  We'll be announcing it officially soon.  You can, for example, log in to livejournal.com with:
username.id.fedoraproject.org. The thread continued with people reporting that things were working.
 
 
[3] https://www.redhat.com/archives/fedora-infrastructure-list/2008-May/msg00257.html
 
=== Change (already) - steved ===
 
Mike McGrath writes for fedora-infrastructure-list [3]
 
One thing we'd been talking about before the freeze but just didn't get around to was giving steved (nfs expert) access to our nfs box where /mnt/koji lives as we still seem to be having nfslock issues (though they are less frequent now). Since everyone agreed to it, this was ultimately done.
 
 
[3]  https://www.redhat.com/archives/fedora-infrastructure-list/2008-April/msg00061.html

Latest revision as of 04:36, 6 April 2009

Infrastructure

This section contains the discussion happening on the fedora-infrastructure-list

http://fedoraproject.org/wiki/Infrastructure

Contributing Writer: Huzaifa Sidhpurwala

Intrusion update

Mike McGrath sent a link [1] to the list about the intrusion which was sent to the fedora-announce-list earlier.[2]

Mike said that he was waiting to discuss authentication mechanisms for the fedora-servers, Since passwords+ssh keys are not the most secure authentication mechanism. Also it seems that fedora does not have the budget for any RSA token like system for authentication.

There was a lot of discussion on this thread, with various people proposing different authentication mechanisms which could be used.

DennisGilmore started a similar thread about Auth Mechanims[3] on which he discussed using etoken or Yubikey for authentication. It was a two factor authentication and therefore was more secure than passphrase or ssh keys.