On 5/13/2017 10:25 AM, Dave Jones wrote:
How exactly do you want them to be stored? I am not familiar with
doing this.
The process I have seen used in the ASF is to use gpg to encrypt the
files hence why one of the requests for you and Bryan was for your
public keys to be put up on people.
I was under the impression when you told me "there were things all
over the place that updated DNS" this could be from other servers too.
I may have over stated the issue, sorry. As we bring things back
online, we'll find out :-)
My concern is that in the past, we used so much of a VM machine's
resources that it brought the machine to it's knees. So sa-vm1 being
ramped up could bring that same issue to light.
So if you see the legacy list of machines, there was a lot more systems
involved. If we can get down to just one box, it'll be simple. But if
we need more boxes, sobeit!
This would be good to use something like a LastPass shared note. I use
LastPass extensively for personal and work (LastPass Enterprise).
Agreed. LastPass, OnePass, etc. As Bryan comes onboard, I'll look at
what needs to be encrypted and if it gets too much, we can look at that.
Regards,
KAM
--
Kevin A. McGrail
Asst. Treasurer, Apache Software Foundation
Chair Emeritus Apache SpamAssassin Project