[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: package maintenance from multiple PCs ?



On Sun, 2008-09-21 at 17:12 +1000, David Timms wrote:
> Hi, I've recently been trying to do package development from my notebook 
>   PC, rather than my desktop PC {which has all the ssh certs, 
> own/fedora/fedara certs, and the client side certificate}.
> 
> To use a second development machine is it necessary and sufficient to:
> cp from my account on original desktop:

> - .ssh/id_rsa.pub

Not required unless you want to set up other machines for entry with the
same key.

> If I have all the same key/certs on the notebook, what are the security 
> implications if the machine is stolen {and obtained by someone with 
> malicious ideas} etc ?

1) Your passphrase can be brute-forced, thereby possibly gaining some
knowledge about your passphrases in general.

2) Someone can act as you in koji, both in the browser and in the
command line ("Beware criminals requeueing packages").

-- 
Ignacio Vazquez-Abrams <ivazqueznet gmail com>

PLEASE don't CC me; I'm already subscribed

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]