On Mon, Dec 11, 2017 at 4:58 AM, Victor Stinner <victor.stin...@gmail.com> wrote: > ... > Oh, my explanation makes the assumption that you all already enabled > 2-factor auth on your email, right? :-) If you wasn't aware: email is > simply the *most* critical part of your whole online data. If a hacker > gets access to your email, you already lost all your online > accounts...
Why do you say this? Can't this only be true for accounts that allow password recovery / reset via email? --Chris > > For Gmail users: you may have a look at > https://myaccount.google.com/security as well. Maybe remove old > services that have access to your Google account? > > > After the hack, I also generated a new SSH key, even if it wasn't > stored online and is encrypted by a passphrase. Just because I was > using the same key since many years. I chose to use the new modern > ed25519 key format. It uses an elliptic curve rather than RSA, it's a > different kind of security. While I don't know if it's more secure, I > read that it's faster :-) > > https://en.wikipedia.org/wiki/EdDSA > > I was able to use this new key formats on all services... except Launchpad. > > Changing a private SSH key isn't easy: > > * You have to install the new SSH on most services that you are using > * You have to manually remove the old SSH key from *all* services that > you are using (there is no global "SSH revokation" service...) > * I used ~/.ssh/known_hosts to get most services, but also updated > GitHub, Bitbucket, etc. > * There are a few other services like psf-salt/psf-chef where you may > also want to see your SSH key updated > * The question is then if the old SSH key must be removed... the > problem is that I never tried to keep track of services that I'm using > through SSH, so I decided to keep the old SSH key (outside ~/.ssh). In > practice, I'm only using my new SSH private since longer than 6 months > and I was never blocked. > > I also had trouble to get working SSH agent on Gnome for my ed25519 > key, but I succeeded to enable the regular ssh-agent using systemd > --user. Tell me if you want instructions for this part as well. > > Victor > _______________________________________________ > python-committers mailing list > python-committers@python.org > https://mail.python.org/mailman/listinfo/python-committers > Code of Conduct: https://www.python.org/psf/codeofconduct/ _______________________________________________ python-committers mailing list python-committers@python.org https://mail.python.org/mailman/listinfo/python-committers Code of Conduct: https://www.python.org/psf/codeofconduct/