diff options
Diffstat (limited to 'zarb-ml/mageia-sysadm/2013-February/005016.html')
| -rw-r--r-- | zarb-ml/mageia-sysadm/2013-February/005016.html | 105 |
1 files changed, 105 insertions, 0 deletions
diff --git a/zarb-ml/mageia-sysadm/2013-February/005016.html b/zarb-ml/mageia-sysadm/2013-February/005016.html new file mode 100644 index 000000000..69ba6ba7e --- /dev/null +++ b/zarb-ml/mageia-sysadm/2013-February/005016.html @@ -0,0 +1,105 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-sysadm] sharing account access data + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20sharing%20account%20access%20data&In-Reply-To=%3C20130215153314.GS21938%40mars-attacks.org%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="005015.html"> + <LINK REL="Next" HREF="005017.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-sysadm] sharing account access data</H1> + <B>nicolas vigier</B> + <A HREF="mailto:mageia-sysadm%40mageia.org?Subject=Re%3A%20%5BMageia-sysadm%5D%20sharing%20account%20access%20data&In-Reply-To=%3C20130215153314.GS21938%40mars-attacks.org%3E" + TITLE="[Mageia-sysadm] sharing account access data">boklm at mars-attacks.org + </A><BR> + <I>Fri Feb 15 16:33:14 CET 2013</I> + <P><UL> + <LI>Previous message: <A HREF="005015.html">[Mageia-sysadm] sharing account access data +</A></li> + <LI>Next message: <A HREF="005017.html">[Mageia-sysadm] sharing account access data +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#5016">[ date ]</a> + <a href="thread.html#5016">[ thread ]</a> + <a href="subject.html#5016">[ subject ]</a> + <a href="author.html#5016">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>On Fri, 15 Feb 2013, Pascal Terjan wrote: + +><i> On Fri, Feb 15, 2013 at 11:52 AM, nicolas vigier <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">boklm at mars-attacks.org</A>>wrote: +</I>><i> +</I>><i> > On Fri, 15 Feb 2013, Pascal Terjan wrote: +</I>><i> > +</I>><i> > > On Fri, Feb 15, 2013 at 11:24 AM, nicolas vigier <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-sysadm">boklm at mars-attacks.org</A> +</I>><i> > >wrote: +</I>><i> > > +</I>><i> > > > On Fri, 15 Feb 2013, Romain d'Alverny wrote: +</I>><i> > > > +</I>><i> > > > > Is there a tool/place (or plan to have it) to store and share account +</I>><i> > > > > data to various services (blogs, twitter, flickr, hosting services, +</I>><i> > > > > etc.)? +</I>><i> > > > > +</I>><i> > > > > A restricted wiki, or something that could handle groups? +</I>><i> > > > +</I>><i> > > > Not yet. But we could store on svn a file containing passwords, +</I>><i> > encrypted +</I>><i> > > > with gpg. Each team can create a gpg key and share it between all team +</I>><i> > > > members, and encrypt the passwords file with this key. +</I>><i> > > > +</I>><i> > > > I'm sure a better sstem has to exist, where you can revoke acces for +</I>><i> > > example :) +</I>><i> > +</I>><i> > Do you know one ? +</I>><i> +</I>><i> +</I>><i> No but we can try to find one :) +</I> +I tried to find one before, but didn't find something good. I was +thinking about making some scripts for that, but it's not high priority. +So using something simple like a shared gpg key would maybe be enough +for now. + +><i> Actually if the svn repository is not readable by people not in a given +</I>><i> group that allows revoking access even if they still have a copy of the +</I>><i> master key, but still in security/cryptography world I don't like +</I>><i> reinventing things :) +</I> +Maybe some systems allow to revoke access, but nothing prevent that +person from keeping a copy of all passwords before his access is +revoked. So only reliable way to revoke access is to change all +passwords. + +If using a shared gpg key, to revoke access for someone we need to start +using a new key and change all passwords. That's not very convenient, +but hopefully we don't need to do that often. + +</PRE> + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="005015.html">[Mageia-sysadm] sharing account access data +</A></li> + <LI>Next message: <A HREF="005017.html">[Mageia-sysadm] sharing account access data +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#5016">[ date ]</a> + <a href="thread.html#5016">[ thread ]</a> + <a href="subject.html#5016">[ subject ]</a> + <a href="author.html#5016">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-sysadm">More information about the Mageia-sysadm +mailing list</a><br> +</body></html> |