Reminders about login security on gnome.org



With the recent debian.org incident, I wanted to send out some brief
reminders about security on gnome.org:

 - Always log in from a secure machine. That typically
   means from your own workstation or laptop. If that's
   not possible, then make sure you really, really 
   trust the person who administers the machine.

   Logging into gnome.org from public lab machines or
   internet terminals is *highly* 

   The same applies even more so to CVS access.

 - Use an ssh-key with a passphrase if at all possible.
   Don't use a ssh-key without a passphrase.
 
 - If you have a login or CVS account on gnome.org that 
   you are no longer using, and don't need, please mail
   acounts gnome org and ask for it to be removed.

 - If you, have, in the past:
   
    - Logged into gnome.org from a shared machine
    - Used the same password on gnome.org and on another
      system.

   Please change your password on gnome.org *right now*,
   or mail accounts gnome org and ask us to disable
   the account.

Thanks,
					Owen





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]