On Fri, Aug 12, 2022 at 05:37:33PM +0100, Marcin Kulisz wrote: > I have managed to talk to Jeb and he is very receptive for the idea of handing > over root access to the account. > We just need to provide him with the group email address which he is going to > put on the account and he will remove MFA from it. > Before we'll do it we need to agree who and in what form is going to provide > MFA to this account so we can keep it 'safe'. That's great, thanks for catching up with him. > My take on the latter would be that one of the delegates if we'd have a chair > would be holding MFA to this account and this would be passed along this line to > the next one and it should be an obligation of the chair to do it be. > > I would nominate Ross as the person usually charring our meetings. > > Any other ideas or suggestions how to do it? Bastian suggested storing it in the password repo [1]. I like that since it supports providing access to multiple people via their gpg keys. I don't quite understand how to use pwstore, but the idea seems simple enough. Ross [1] - https://salsa.debian.org/cloud-admin-team/debian-cloud-admin-password
Attachment:
signature.asc
Description: PGP signature