oftc.net uses a single LDAP driven directory for account management across all the project run machines. This directory also provides services for leaving vacation notices , email forwarding, ssh authentication keys and other information.
Note: the 'passwd' program and 'chfn' do not work with LDAP information. Please use the web page or email gateway for the time being. All machines running OpenSSH are using replicated SSH RSA authentication keys.
Three levels of information security are provided by the database. The first is completely public information that anyone can see either by issuing an LDAP query or by visiting the web site. The next level is developer-only information that requires the search to be performed from a .oftc.net machine (see this tutorial on how to use ldapsearch from a .oftc.net machine for a direct connection to the LDAP daemon) or from the web interface after one has authenticated themselves as a Debian Developer. The final level is admin-only or user-only information; this information can only be viewed by the user or an administrator.
developer-only information includes precise location information [postalcode, postal address, lat/long] telephone numbers, and the vacation message.
Admin-only/user-only information includes email forwarding, ssh keys and the encrypted password. Note that email forwarding is necessarily publicly viewable from accounts on the actual machines.
Entries in the directory are keyed to the developers PGP key, whoever has that key can make any change to the directory through the mail interface.
The directory has several means to access it:
Lost or forgotten password instructions
Last Modified: Fri, Jan 28 19:13:06 UTC 2005
Copyright © 1997-2005
SPI; See license terms
Debian is a registered trademark of Software in the Public Interest, Inc.