Thoughts on NOPASSWD and disabling agent forwarding on publictest machines?
Jeremy Katz
katzj at redhat.com
Mon Aug 17 13:30:04 UTC 2009
On Sunday, August 16 2009, Mike McGrath said:
> I'm conflicted on this, there's valid points here but also the risks are
> fairly low. As far as disabling agent forwarding, that's trivial to
> re-enable if the box gets rooted.
We could add something to the security doc suggesting something like the
following in ~/.ssh/config
Host publictest*.fedoraproject.org
ForwardAgent no
Jeremy
More information about the Fedora-infrastructure-list
mailing list