The request sets out the requirement for passwords of at least 9 characters in length (20 if only lowercase characters are used) and notes that a new SSH public key must also be generated to avoid an account being marked as inactive. The announcement also includes a "Do's and Don'ts" section with several tips for increasing personal security. Instructions for changing Fedora Account System passwords and SSH public keys can be found in the Q&A section of the announcement.
Backgound and Reasoning:-
New Password Rules:-
- Nine or more characters with lower and upper case letters, digits and punctuation marks.
- Ten or more characters with lower and upper case letters and digits.
- Twelve or more characters with lower case letters and digits
- Twenty or more characters with all lower case letters.
- No maximum length.
- NEVER store your ssh private key on a shared or public system.
- ALWAYS use a strong passphrase on your ssh key.
- If you must store passwords, use an application specifically for this purpose like revelation, gnome-keyring, seahorse, or keepassx.
- Regularly apply your operating system's security related updates.
- Only use ssh agent forwarding when needed ( .ssh/config: "ForwardAgent no")
- DO verify ssh host keys via dnssec protected dns. ( .ssh/config:"VerifyHostKeyDNS yes")
- DO consider a seperate ssh key for Fedora Infrastructure.
- Work with and use security features like SELinux and iptables.
- Review the Community Standard Infrastructure security document
LINK TO OUR HOME PAGE :