[clue-admin] Fwd: Membership setup

David L. Anselmi anselmi at anselmi.us
Wed Jan 4 18:53:42 MST 2006 

Jeff Cann wrote:
[...]
> Can you document on our wiki the file location.  Who is able to run the 
> script? (hopefully only root, but admins should be able to run it via 
> 'sudo').

Looks like it should go in /var/local and the script in /usr/local/sbin.

Might want to have someone do a code review of the script.  For others 
to use it, maintain it, and extend it easily. others should look at it.

>>3. I've verified that I can transmit a public key to the new user and
>>use sftp to access the account.
> 
> Are we still planning on you being the public key admin for the users?  This 
> was the plan the last time we talked about it.  If so, will a user just email 
> your key?  

Collins will have to be careful that he gets keys from the actual 
members.  The circumstances around receiving a key should be adequate 
authentication.  But an out of the blue "I lost my private key please 
change my account to use this one" probably isn't.

> Should we publish those keys in a CLUE key server (mythical phase 2) - just 
> wondering... but it would make it easy to allow secure communications between 
> members.

I think you're confusing public keys with certificates.  Although just a 
public key is enough if we trust the CLUE server I'm not sure apps (like 
gpg) will use bare keys.  We probably don't want to make a PKI to issue 
certificates (well, I said that about jabber too but this time I mean 
it). ;-)

[...]
> 2.   We should talk about the current list of members.  Some have paid 
> recently, others paid 2 years ago.
[...]
> Or should we keep things simple and say:  here's our 2006 membership drive - 
> everyone has to sign up again.  I'm liking this idea as I type it.  What do 
> you guys think?

I think the clock for people who have paid starts when they start 
getting the benefits we promised, for those we can contact.  If we can't 
reach them directly or by the announce list don't sweat it.

> 3.  Should we offer jabber access to members only?  It's another 'benefit' of 
> membership - something we were always needing.  I'll check on the user admin 
> for jabber and let you know how we should set up accounts.

Can you make it use the same public keys ssh does?  That would be cool.

Dave
_______________________________________________
CLUE-admin mailing list
CLUE-admin at cluedenver.org
http://cluedenver.org/mailman/listinfo/clue-admin

More information about the clue-admin mailing list