From Fedora Project Wiki

< FWN‎ | Beats

 
(17 intermediate revisions by 2 users not shown)
Line 8: Line 8:
Contributing Writer:  [[HuzaifaSidhpurwala|Huzaifa Sidhpurwala]]
Contributing Writer:  [[HuzaifaSidhpurwala|Huzaifa Sidhpurwala]]


=== Automating hosted projects? ===
=== Intrusion update ===
[[MikeMcGrath| Mike McGrath]] sent a link <ref>https://www.redhat.com/archives/fedora-announce-list/2009-March/msg00010.html</ref> to the list about the intrusion which was sent to the fedora-announce-list earlier.<ref>https://www.redhat.com/archives/fedora-infrastructure-list/2009-March/msg00277.html</ref>


[[PaulFrields|Paul W. Frields]] asked[1] on the @fedora-infrastructure-list if it was possible to automate the creation of projects on the fedorahosted.org site. Since some potential contributors may need more instantaneos result and not wait for an admin to create the project.
Mike said that he was waiting to discuss authentication mechanisms for the fedora-servers, Since passwords+ssh keys are not the most secure authentication mechanism. Also it seems that fedora does not have the budget for any RSA token like system for authentication.


[1] https://www.redhat.com/archives/fedora-infrastructure-list/2009-January/msg00124.html
There was a lot of discussion on this thread, with various people proposing different authentication mechanisms which could be used.


To this [[SethVidal|Seth Vidal]] replied[2] that a part of the benefit of this being manual is that
[[Dennis Gilmore|DennisGilmore]] started a similar thread about Auth Mechanims<ref>https://www.redhat.com/archives/fedora-infrastructure-list/2009-March/msg00294.html</ref> on which he discussed using etoken or Yubikey for authentication.
the admin can do a bit of sanity check before the project is created.
It was a two factor authentication and therefore was more secure than passphrase or ssh keys.


[2] https://www.redhat.com/archives/fedora-infrastructure-list/2009-January/msg00125.html
<references/>
 
=== CSI (Security Policy) ===
 
[[MikeMcGrath | Mike McGrath]] said[3] on the @fedora-infrastructure-list that he had put the security policy CSI docs in the standard place [4]
 
[3] https://www.redhat.com/archives/fedora-infrastructure-list/2009-January/msg00172.html
 
[4] http://infrastructure.fedoraproject.org/csi/security-policy/en-US/

Latest revision as of 04:36, 6 April 2009

Infrastructure

This section contains the discussion happening on the fedora-infrastructure-list

http://fedoraproject.org/wiki/Infrastructure

Contributing Writer: Huzaifa Sidhpurwala

Intrusion update

Mike McGrath sent a link [1] to the list about the intrusion which was sent to the fedora-announce-list earlier.[2]

Mike said that he was waiting to discuss authentication mechanisms for the fedora-servers, Since passwords+ssh keys are not the most secure authentication mechanism. Also it seems that fedora does not have the budget for any RSA token like system for authentication.

There was a lot of discussion on this thread, with various people proposing different authentication mechanisms which could be used.

DennisGilmore started a similar thread about Auth Mechanims[3] on which he discussed using etoken or Yubikey for authentication. It was a two factor authentication and therefore was more secure than passphrase or ssh keys.