Requiring Launchpad 2FA from Ubuntu uploaders
Steve Langasek
steve.langasek at ubuntu.com
Tue Aug 14 19:00:09 UTC 2018
On Tue, Aug 14, 2018 at 01:35:00PM -0500, Simon Quigley wrote:
> On 08/14/2018 11:34 AM, Colin Watson wrote:
> > How would this work, even conceptually? Some kind of extra challenge
> > when doing SFTP uploads or git/bzr pushes to ask for 2FA (and some
> > timeout arrangement so that it isn't hopelessly annoying)? What about
> > FTP uploads?
> In my opinion, SFTP should be the default for uploads to Ubuntu*, and we
> should phase out FTP. My local /etc/dput.cf has been patched to do this
> for a while now, and it works fine.
> If this is done, we should be able to use PAM with google-authenticator.
> Thoughts on going this route?
This would make mass uploads for library transitions a tremendous hassle.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer https://www.debian.org/
slangasek at ubuntu.com vorlon at debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20180814/41d77671/attachment.sig>
More information about the ubuntu-devel
mailing list