Fedora To Implement Security Changes
Written by Michael Larabel in Fedora on 12 October 2011 at 03:01 PM EDT. 14 Comments
Fedora
In wake of Kernel.org, The Linux Foundation, and WineHQ being compromised, the Fedora Project has mandated new security changes.

While the Red Hat / Fedora Project infrastructure has not been compromised, it's been decided that all users of the Fedora Account System must change their password and upload a new SSH public key prior to month's end. For users not changing out their password and SSH key, their accounts will be marked inactive.

"This change event has NOT been triggered by any specific compromise or vulnerability in Fedora Infrastructure. Rather, we believe, due to the large number of high profile sites with security breaches in recent months, that this is a great time for all Fedora contributors and users to review their security settings and move to "best practices" on their machines. Additionally, we are putting in place new rules for passwords to make them harder to guess."

New Fedora passwords must be nine or more (lower and upper case) characters and include letters, digits, and punctuation marks. If wishing to do away with punctuation marks in the password, it must be ten or more upper and lower case characters and digits. If your password is at least 20 characters long, you can get away with all letters that are lower-case.

In the mailing list message announcing these security changes, various other security precautions and recommendations are also laid out.
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the web-site in 2004 with a focus on enriching the Linux hardware experience and being the largest web-site devoted to Linux hardware reviews, particularly for products relevant to Linux gamers and enthusiasts but also commonly reviewing servers/workstations and embedded Linux devices. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics hardware drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated testing software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related Fedora News
Popular News
Trending Reviews & Featured Articles