FWN/Beats/Infrastructure

From FedoraProject

Jump to: navigation, search

Infrastructure

This section contains the discussion happening on the fedora-infrastructure-list

http://fedoraproject.org/wiki/Infrastructure

Contributing Writer: Huzaifa Sidhpurwala

Intrusion update

Mike McGrath sent a link [1] to the list about the intrusion which was sent to the fedora-announce-list earlier.[2]

Mike said that he was waiting to discuss authentication mechanisms for the fedora-servers, Since passwords+ssh keys are not the most secure authentication mechanism. Also it seems that fedora does not have the budget for any RSA token like system for authentication.

There was a lot of discussion on this thread, with various people proposing different authentication mechanisms which could be used.

DennisGilmore started a similar thread about Auth Mechanims[3] on which he discussed using etoken or Yubikey for authentication. It was a two factor authentication and therefore was more secure than passphrase or ssh keys.

  1. https://www.redhat.com/archives/fedora-announce-list/2009-March/msg00010.html
  2. https://www.redhat.com/archives/fedora-infrastructure-list/2009-March/msg00277.html
  3. https://www.redhat.com/archives/fedora-infrastructure-list/2009-March/msg00294.html