From Fedora Project Wiki

< FWN‎ | Beats

 
(32 intermediate revisions by 3 users not shown)
Line 6: Line 6:
http://fedoraproject.org/wiki/Infrastructure
http://fedoraproject.org/wiki/Infrastructure


Contributing Writer:  HuzaifaSidhpurwala
Contributing Writer:  [[HuzaifaSidhpurwala|Huzaifa Sidhpurwala]]


=== Intrusion update ===
[[MikeMcGrath| Mike McGrath]] sent a link <ref>https://www.redhat.com/archives/fedora-announce-list/2009-March/msg00010.html</ref> to the list about the intrusion which was sent to the fedora-announce-list earlier.<ref>https://www.redhat.com/archives/fedora-infrastructure-list/2009-March/msg00277.html</ref>


Mike said that he was waiting to discuss authentication mechanisms for the fedora-servers, Since passwords+ssh keys are not the most secure authentication mechanism. Also it seems that fedora does not have the budget for any RSA token like system for authentication.


=== Puppet training ===
There was a lot of discussion on this thread, with various people proposing different authentication mechanisms which could be used.


[[MikeMcGrath|Mike McGrath]] wrote on the @fedora-infrastructure-list [2] that he is going to hold a puppet training next wednesday. He also posted an ogg and the slide deck [3] to which his live training will be identical.  
[[Dennis Gilmore|DennisGilmore]] started a similar thread about Auth Mechanims<ref>https://www.redhat.com/archives/fedora-infrastructure-list/2009-March/msg00294.html</ref> on which he discussed using etoken or Yubikey for authentication.
It was a two factor authentication and therefore was more secure than passphrase or ssh keys.


[2] https://www.redhat.com/archives/fedora-infrastructure-list/2008-September/msg00124.html
<references/>
 
[3] http://mmcgrath.fedorapeople.org/puppet/
 
=== Fedora 10 Beta Release Planning Meeting ===
 
[[JohnPoelstra|John Poelstra]] wrote on the @fedora-infrastructure-list [4] about the Fedora 10 Beta Release Planning Meeting. He has also posted the list of participants and the meeting logs.
 
[4] https://www.redhat.com/archives/fedora-infrastructure-list/2008-September/msg00135.html
 
=== Infrastructure update notice ===
 
[[PaulFrields | Paul W. Frields ]] wrote on the @fedora-infrastructure-list [5] about the announcement which went out on the fedora-announce-list [6]. Paul confirmed that all of our services were back online now.
 
[5] https://www.redhat.com/archives/fedora-infrastructure-list/2008-September/msg00140.html
 
[6] http://www.redhat.com/archives/fedora-announce-list/2008-September/msg00009.html
 
=== app2 disk space ===
 
[[MikeMcGrath|Mike McGrath]] wrote on the @fedora-infrastructure-list[7] about the recent disk alerts on app2. It seems that the host was not built with enough disk space similar to app1.
It does raise a point about storage for transifex though.  Basically each host running transifex or damned lies, keeps a local copy of every scm as part of its usage. For performance
reasons that should not change but its something we'll want to figure out long term. So after the freeze the host is going to be rebuilt.
 
[7] https://www.redhat.com/archives/fedora-infrastructure-list/2008-September/msg00155.html

Latest revision as of 04:36, 6 April 2009

Infrastructure

This section contains the discussion happening on the fedora-infrastructure-list

http://fedoraproject.org/wiki/Infrastructure

Contributing Writer: Huzaifa Sidhpurwala

Intrusion update

Mike McGrath sent a link [1] to the list about the intrusion which was sent to the fedora-announce-list earlier.[2]

Mike said that he was waiting to discuss authentication mechanisms for the fedora-servers, Since passwords+ssh keys are not the most secure authentication mechanism. Also it seems that fedora does not have the budget for any RSA token like system for authentication.

There was a lot of discussion on this thread, with various people proposing different authentication mechanisms which could be used.

DennisGilmore started a similar thread about Auth Mechanims[3] on which he discussed using etoken or Yubikey for authentication. It was a two factor authentication and therefore was more secure than passphrase or ssh keys.