fedora-infrastructure

#3642 Audit the private repo passwords

Closed: Fixed None Opened 11 years ago by toshio.

= phenomenon =

Passwords in the private repo could use a little love:

We ought to change the passwords every once in a while
We should definitely change all the passwords that no longer meet our general-user password criteria to be longer.
Organizationally it would be good to know some things about each password:
Do we also have to change it in fas/bugzilla/another thing not puppet templated?
How bad would it be if the "password" was inadvertantly made public?

kevin commented 11 years ago

How about we add a little comments template in front of each password:

{{{

purpose:

where to change:

impact of public release:

last changed:

}}}

I'm not sure we can do this for all of them in one pass, but we could require this in the new ansible private repo and enforce it there as we move things.

Thoughts?

toshio commented 11 years ago

That works for me. The idea of doing it as we transition to ansible is especially appealing as it gives a definite point where we should be doing this.

lmacken commented 11 years ago

Sounds good

kevin commented 8 years ago

The old puppet private repo is retired now, so everything is in ansible and with info.

Metadata

Assignee

None

Tags

None

Blocking

None

Depending on

None

Priority

None

fedora-infrastructure

Source Code

#3642 Audit the private repo passwords Closed: Fixed None Opened 11 years ago by toshio.

purpose:

where to change:

impact of public release:

last changed:

Metadata

#3642 Audit the private repo passwords

Closed: Fixed None Opened 11 years ago by toshio.