On Mon, Apr 25, 2022 at 04:14:03PM -0400, Matthew Miller wrote: > On Fri, Apr 22, 2022 at 03:44:01PM +0200, Miro Hrončok wrote: > > If I understand correctly, SSH access is a security/legal/whatever > > no-go for nonpackagers, but can we offer some kind of standard git > > mechanism to authenticate? API tokens maybe? > > If there is a technical thing we want to do to make Fedora easier to > contribute to, we should figure out how to remove any legal (or "whatever") > blockers. And mitigate any security concerns.
To my knowledge there's no legal issue around ssh access. It's simply that when we setup pkgs.fedoraproject.org so long ago, the way it was done was to add packagers as local accounts so they could ssh in. Non packagers don't have any account there, so they can't directly ssh in. Ideally we would just redo this so packagers don't have real accounts either, and just use a wrapper, but thats likely to be a bunch of work. kevin
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
