Hi, On 17-Jun-26 18:51, Adam Williamson wrote: > On Tue, 2026-06-16 at 07:26 -0400, Stephen J Smoogen wrote: >> Well you are going to need to get all the other parts of the release system >> working first to make 2factor work. > > Why? I don't understand why you keep saying this. > > We already have a 2FA requirement for sysadmin-main, and ~everyone in > sysadmin-main is also a packager (often provenpackager), and we are all > able to do all the things we need to do. I don't understand why you > seem to think it's somehow currently impossible to use 2FA for Fedora > or something? > > As someone with 2FA enabled, I have to use my second factor when > authenticating to kerberos in order to be able to submit builds. Yes, I > don't have to use the second factor every time I do a push to dist-git, > at least not currently (though 2FA was required to issue the token the > process uses, and that token can be stored pretty securely). But as > Daniel says, waiting for things to be perfect before having the > requirement doesn't seem sensible. It's still much safer with 2FA on > than without. > > Yes, if someone manages to steal my dist-git token they can do pushes > as me with nothing else. But if I had 1FA, they could do the same and > much more by stealing my password, and there are more opportunities to > steal someone's password than their dist-git token.
FWIW I've 2 factor enabled for quite a while now and it has never gotten in the way of me doing any packaging work. As Adam says, one needs to get a kerberos token from the commandline and then everything just works. Regards, Hans -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
