← Back to team overview

kicad-developers team mailing list archive

Re: GitLab migration

 

On 2019-11-25 06:08, Wayne Stambaugh wrote:
Hi Mark,

Do you mean using a GPG key?  I see the gitlab supports signed commits
so would that be an adequate solution?  I'm fine with this, it's
probably something we should be doing anyway. Anyone else object to this?


2FA would be using something like Google Authenticator on your phone, a YubiKey or SMS message code to verify your login on a computer in addition to the password.

The worry is that SSH keys can be added to a compromised account that would allow an attacker to change the code/website/packages/etc.

-S

Seth Hillbrand
KiCad Services Corporation
https://www.kipro-pcb.com
+1 530 302 5483 | +1 212 603 9372


Follow ups

References