[arch-dev-public] [aur-general] AUR migration

Eli Schwartz eschwartz at archlinux.org
Tue Jul 28 00:30:44 UTC 2020


On 7/27/20 8:03 PM, Gaetan Bisson via arch-dev-public wrote:
> [2020-07-25 00:18:55 +0200] Baptiste Jonglez:
>> On 24-07-20, Giancarlo Razzolini via arch-dev-public wrote:
>>> The migration is almost done. Since we are moving to a new machine, it will
>>> have new host keys. They are:
>>>
>>>    Ed25519: SHA256:RFzBCUItH9LZS0cKB5UE6ceAYhBD5C8GeOBip8Z11+4
>>>    ECDSA: SHA256:5s5cIyReIfNNVGRFdDbe3hdYiI5OelHGpw2rOUud3Q8
>>>    RSA: SHA256:uTa/0PndEgPZTf76e1DFqXKJEXKsn7m9ivhLQtzGOCI
>>
>> Can't you just copy the SSH host keys from the old machines?
>>
>> It's the same service as before and (presumably) the host private keys
>> were not compromised, so there is no reason to change keys.
> 
> It's quite unsettling that we seem to be rushing to write a news post
> while this very reasonable suggestion remains completely ignored.

Nothing "unsettling", about it, the suggestion is not as reasonable as
it seems on the surface (because the old box is still in use), but even
without that knowledge, given devops clearly didn't do that I don't
understand the rationale for refusing a news post after the fact. If you
think the old box is out of use and deleted, then the keys would be gone
and it would be too late to transfer them.

> For future migrations I would greatly appreciate if not all on-disk data
> were thrown away. On top of SSH keys, there are home directories which
> contain not only user data but also in some cases things useful for the
> distro as a whole (such as the service I use to version iana-etc files).

Is there reason to believe that this data was thrown away? We were given
warning when soyuz got decommissioned, to backup data before the
decommissioning date. And orion is not decommissioned, it is still used
for mail at least, so your data there is untouched and still accessible.

-- 
Eli Schwartz
Bug Wrangler and Trusted User

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1601 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-dev-public/attachments/20200727/05366619/attachment.sig>


More information about the arch-dev-public mailing list