Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux Kernel Git Repositories Add 2-Factor Authentication

Posted by samzenpus on from the locking-things-down dept.

LibbyMC writes For a few years now Linux kernel developers have followed a fairly strict authentication policy for those who commit directly to the git repositories housing the Linux kernel. Each is issued their own ssh private key, which then becomes the sole way for them to push code changes to the git repositories hosted at kernel.org. While using ssh keys is much more secure than just passwords, there are still a number of ways for ssh private keys to fall into malicious hands. So they've further tightened access requirements with two-factor authentication using yubikeys.

4 of 49 comments (clear)

  1. Oh no. by i+kan+reed · · Score: 4, Funny

    Someone might commit code to our open source project. We can't have that.

    1. Re:Oh no. by i+kan+reed · · Score: 5, Funny

      Okay, so once again I have to be reminded that no one is allowed to joke about the Linux kernel, because the distros are responsible for packaging a sense of humor.

    2. Re:Oh no. by i+kan+reed · · Score: 2, Funny

      As long as we're being humorless assholes:
      Jokes are defined by the intention of humor. Lots of things are funny that aren't jokes, like, say, if you died, it'd be hilarious. Lots of things are jokes that fail at being funny: see the complete works of Carlos Mencia.

  2. Finally as secure as MMO games by Zan+Lynx · · Score: 5, Funny

    Finally the Linux kernel which runs almost the entire Internet is as secure as my MMORPG accounts. About time. :P