Bug#958889: ITP: gnome-passwordsafe -- A password manager for GNOME

2020-04-26 Thread Henry-Nicolas Tourneur
Package: wnpp Severity: wishlist Owner: Henry-Nicolas Tourneur * Package name: gnome-passwordsafe Version : 3.99.2 Upstream Author : Falk Alexander Seidl , Uta Lemke * URL : https://gitlab.gnome.org/World/PasswordSafe * License : GPL Programming Lang: Python

Bug#958888: ITP: pytorch -- Tensors and Dynamic neural networks in Python with strong GPU acceleration

2020-04-26 Thread Mo Zhou
Package: wnpp Severity: wishlist Owner: Mo Zhou * Package name: pytorch * URL : https://github.com/pytorch/pytorch * License : BSD-3 Programming Lang: C++, python Description : Tensors and Dynamic neural networks in Python with strong GPU acceleration One of the

Bug#958891: ITP: pytorch-text -- Data loaders and abstractions for text and NLP

2020-04-26 Thread Mo Zhou
Package: wnpp Severity: wishlist Owner: Mo Zhou * Package name: pytorch-text * URL : https://github.com/pytorch/text * License : bsd-3 Programming Lang: py Description : Data loaders and abstractions for text and NLP allows users to better manipulate textual data

Bug#958890: ITP: pytorch-audio -- Data manipulation and transformation for audio signal processing, powered by PyTorch

2020-04-26 Thread Mo Zhou
Package: wnpp Severity: wishlist Owner: Mo Zhou * Package name: pytorch-audio * URL : https://github.com/pytorch/audio * License : bsd-2 Programming Lang: py Description : Data manipulation and transformation for audio signal processing, powered by PyTorch enable

Bug#958893: ITP: pytorch-ignite -- High-level library to help with training neural networks in PyTorch

2020-04-26 Thread Mo Zhou
Package: wnpp Severity: wishlist Owner: Mo Zhou * Package name: pytorch-ignite * URL : https://github.com/pytorch/ignite * License : BSD-3 Programming Lang: py Description : High-level library to help with training neural networks in PyTorch make pytorch even eas

Bug#958892: ITP: pytorch-vision -- Datasets, Transforms and Models specific to Computer Vision

2020-04-26 Thread Mo Zhou
Package: wnpp Severity: wishlist Owner: Mo Zhou * Package name: pytorch-vision * URL : https://github.com/pytorch/vision * License : BSD-3 Programming Lang: C++,py Description : Datasets, Transforms and Models specific to Computer Vision a very important extra mod

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Bernd Zeimetz
Hi, Google Authenticator is a software-based authenticator by Google that implements two-step verification services using the Time-based One-time Password Algorithm (TOTP; specified in RFC 6238) and HMAC-based One-time Password algorithm (HOTP; specified in RFC 4226), for authenticating users

Bug#958897: ITP: mobile-datovka -- Czech Data Boxes client

2020-04-26 Thread David Heidelberg
Package: wnpp Severity: wishlist Owner: David Heidelberg * Package name: mobile-datovka Version : 1.9.1 Upstream Author : Karel Slaný * URL : https://www.datovka.cz/cs/pages/mobilni-datovka.html * License : GPL-3.0-or-later, CC0-1.0 Programming Lang: C++ D

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Mattia Rizzolo
On Sun, Apr 26, 2020 at 02:07:54PM +0200, Bernd Zeimetz wrote: > There are even cli tools that do the same stuff. I'd guess there is at least > one on Debian. Indeed, after I first lost a phone, and a second one broke, leaving me with a quite huge pain to recover my accounts, I started using `oat

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Vincent Bernat
❦ 26 April 2020 14:07 +02, Bernd Zeimetz: > There are even cli tools that do the same stuff. I'd guess there is at > least one on Debian. There is oathtool. -- I dote on his very absence. -- William Shakespeare, "The Merchant of Venice"

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Michael Biebl
On 26.04.20 at 14:36, Mattia Rizzolo wrote: > On Sun, Apr 26, 2020 at 02:07:54PM +0200, Bernd Zeimetz wrote: >> There are even cli tools that do the same stuff. I'd guess there is at least >> one on Debian. > > Indeed, after I first lost a phone, and a second one broke, leaving me > with a quite

RE:Salsa update: no more "-guest" and more

2020-04-26 Thread PICCA Frederic-Emmanuel
Do we have some documentation explaining how to use a nitrokey PRO in order to do 2FA authentication for salsa? It seems that yubikey is supported out of the box, but nevertheless is it possible to use a nitrokey pro 2 for the same purpose?

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Phil Morrell
On Sun, Apr 26, 2020 at 12:31:42AM +0200, Gard Spreemann wrote: > > Bernd Zeimetz writes: > > Actually I think 2FA should be enforced for everybody. > > Even debian.org related passwords might get lost. > > Right, but what's the threat model here? For some of us, losing the > Salsa password is e

Bug#958906: ITP: pytyon-diagrams -- Diagrams lets you draw the cloud system architecture in Python code.

2020-04-26 Thread TANIGUCHI Takaki
Package: wnpp Severity: wishlist Owner: TANIGUCHI Takaki * Package name: pytyon-diagrams Version : 0.9.0 Upstream Author : Copyright: 2020 MinJae Kwon * URL : https://diagrams.mingrammer.com/ * License : MIT Programming Lang: Python Description : Diagr

Bug#958908: ITP: bgpq4 -- automatic BGP filter generator using IRR routing data

2020-04-26 Thread Vincent Bernat
Package: wnpp Severity: wishlist Owner: Vincent Bernat * Package name: bgpq4 Version : 0.0.6 Upstream Author : Job Snijders * URL : https://github.com/bgp/bgpq4 * License : BSD 2-clause Programming Lang: C De

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Sean Whitton
Hello, On Sun 26 Apr 2020 at 02:36PM +02, Mattia Rizzolo wrote: > On Sun, Apr 26, 2020 at 02:07:54PM +0200, Bernd Zeimetz wrote: >> There are even cli tools that do the same stuff. I'd guess there is at least >> one on Debian. > > Indeed, after I first lost a phone, and a second one broke, leavi

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Mattia Rizzolo
On Sun, Apr 26, 2020 at 10:12:41AM -0700, Sean Whitton wrote: > On Sun 26 Apr 2020 at 02:36PM +02, Mattia Rizzolo wrote: > > On Sun, Apr 26, 2020 at 02:07:54PM +0200, Bernd Zeimetz wrote: > >> There are even cli tools that do the same stuff. I'd guess there is at > >> least one on Debian. > > Inde

Bug#958919: ITP: mpsolve -- multiprecision polynomial solver

2020-04-26 Thread Doug Torrance
Package: wnpp Severity: wishlist Owner: Doug Torrance * Package name: mpsolve Version : 3.1.8 Upstream Author : Leonardo Robol * URL : https://numpi.dm.unipi.it/software/mpsolve * License : GPL Programming Lang: C Description : multiprecision polynomia

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Xavier
On 26/04/2020 at 14:07, Bernd Zeimetz wrote: > Hi, > > Google Authenticator is a software-based authenticator by Google that > implements two-step verification services using the Time-based One-time > Password Algorithm (TOTP; specified in RFC 6238) and HMAC-based One-time > Password algorithm (

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Bernd Zeimetz
On 4/26/20 7:12 PM, Sean Whitton wrote: > In such a case, though, haven't you essentially turned it back into one > factor authentication (the single factor being your laptop)? Still better than losing a single password in whatever way in the internet. Targeted phishing attacks for example. -

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Bernd Zeimetz
On 4/26/20 12:41 AM, Thomas Goirand wrote: > On 4/25/20 11:14 PM, Bernd Zeimetz wrote: >> Actually I think 2FA should be enforced for everybody. >> Even debian.org related passwords might get lost. > > I use a strong password, stored with keepassxc, with the password db > encrypted using the HMAC

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Bernd Zeimetz
On 4/26/20 2:40 PM, Michael Biebl wrote: > On 26.04.20 at 14:36, Mattia Rizzolo wrote: >> On Sun, Apr 26, 2020 at 02:07:54PM +0200, Bernd Zeimetz wrote: >>> There are even cli tools that do the same stuff. I'd guess there is at >>> least one on Debian. >> >> Indeed, after I first lost a phone,

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Bernd Zeimetz
On 4/26/20 12:31 AM, Gard Spreemann wrote: > Right, but what's the threat model here? For some of us, losing the > Salsa password is essentially only possible if we have had our PGP > dongle or offline private key backup compromised. In this case, the > attacker can sign uploads to the archive

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Johannes Schauer
Quoting Bernd Zeimetz (2020-04-26 20:34:12) > On 4/26/20 12:41 AM, Thomas Goirand wrote: > > On 4/25/20 11:14 PM, Bernd Zeimetz wrote: > >> Actually I think 2FA should be enforced for everybody. > >> Even debian.org related passwords might get lost. > > I use a strong password, stored with keepassxc,

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Bastian Blank
On Sat, Apr 25, 2020 at 11:14:39PM +0200, Bernd Zeimetz wrote: > Actually I think 2FA should be enforced for everybody. No, we don't enforce 2FA for everybody. And I don't consider it appropriate to raise the option. However, you may choose to enforce 2FA for all users of your groups. Regards,

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Bernd Zeimetz
On 4/26/20 8:30 PM, Bastian Blank wrote: > On Sat, Apr 25, 2020 at 11:14:39PM +0200, Bernd Zeimetz wrote: >> Actually I think 2FA should be enforced for everybody. > > No, we don't enforce 2FA for everybody. And I don't consider it > appropriate to raise the option. Could you explain why? Th

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Bernd Zeimetz
On 4/26/20 8:46 PM, Johannes Schauer wrote: > Quoting Bernd Zeimetz (2020-04-26 20:34:12) >> On 4/26/20 12:41 AM, Thomas Goirand wrote: >>> On 4/25/20 11:14 PM, Bernd Zeimetz wrote: Actually I think 2FA should be enforced for everybody. Even debian.org related passwords might get lost.

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Jeremy Stanley
On 2020-04-26 21:02:34 +0200 (+0200), Bernd Zeimetz wrote: > On 4/26/20 8:30 PM, Bastian Blank wrote: > > On Sat, Apr 25, 2020 at 11:14:39PM +0200, Bernd Zeimetz wrote: > >> Actually I think 2FA should be enforced for everybody. > > > > No, we don't enforce 2FA for everybody. And I don't consider

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Vincent Bernat
❦ 26 April 2020 20:29 +00, Jeremy Stanley: > You're already seeing quite a few folks responding that being > required to use an additional application or device each time they > authenticate would be an inconvenience to them. This is a signal. I > personally wouldn't enjoy being prompted to activ

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Paride Legovini
Michael Biebl wrote on 26/04/2020: > On 26.04.20 at 14:36, Mattia Rizzolo wrote: >> On Sun, Apr 26, 2020 at 02:07:54PM +0200, Bernd Zeimetz wrote: >>> There are even cli tools that do the same stuff. I'd guess there is at >>> least one on Debian. >> >> Indeed, after I first lost a phone, and a se

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Russ Allbery
Mattia Rizzolo writes: > Since I sometimes don't really know my passwords, I suppose at that > point the "something I know" instead of being the actual password is the > GPG passphrase used to decrypt the file that actually contains the > password, but it's still 2fa. By equivalent logic, a Gn

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Russ Allbery
Vincent Bernat writes: > This is not how this is implemented. I am using GitHub and GitLab with > 2FA enabled and I am rarely asked to enter any token. Once you get > authenticated on a device, it remains for a long time. Pretty much every time I go to salsa.debian.org, I have to log back in aga

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Michael Biebl
On 26.04.2020 at 23:47, Paride Legovini wrote: > > Another good one with builtin backup functionality is Aegis [1,2]. It's > GPLv3 and available via f-droid. > Thanks, haven't heard of it before but looks interesting. Michael -- Why is it that all of the instruments seeking intelligent life

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Sean Whitton
Hello, On Sun 26 Apr 2020 at 10:53PM +02, Vincent Bernat wrote: > ❦ 26 April 2020 20:29 +00, Jeremy Stanley: > >> You're already seeing quite a few folks responding that being >> required to use an additional application or device each time they >> authenticate would be an inconvenience to them.

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Paride Legovini
Thomas Goirand wrote on 26/04/2020: > On 4/25/20 11:14 PM, Bernd Zeimetz wrote: >> Actually I think 2FA should be enforced for everybody. >> Even debian.org related passwords might get lost. > > I use a strong password, stored with keepassxc, with the password db > encrypted using the HMAC of my yub

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Russ Allbery
Paride Legovini writes: > It's still one static shared secret you need to enter every time. If it > gets stolen, because your browser or your computer is compromised, or in > a MITM attack where the attacker gained access to a valid certificate > for salsa.debian.org [1,2], your account is gone.

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Thomas Goirand
On 4/26/20 8:34 PM, Bernd Zeimetz wrote: > > > On 4/26/20 12:41 AM, Thomas Goirand wrote: >> On 4/25/20 11:14 PM, Bernd Zeimetz wrote: >>> Actually I think 2FA should be enforced for everybody. >>> Even debian.org related passwords might get lost. >> >> I use a strong password, stored with keepassx

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Thomas Goirand
On 4/27/20 12:18 AM, Paride Legovini wrote: > It's still one static shared secret you need to enter every time. If it > gets stolen, because your browser or your computer is compromised, or in > a MITM attack where the attacker gained access to a valid certificate > for salsa.debian.org [1,2], your

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Russ Allbery
Thomas Goirand writes: > Now, if you want something safer, maybe we could implement something > that involves crypto a smarter way, like SQRL, so we avoid storing any > password in Salsa, even hashed: > https://www.grc.com/sqrl/sqrl.htm I don't know anything about SQRL (and am too lazy to try to

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Russ Allbery
Russ Allbery writes: > That's effectively what a password manager simulates, albeit trading off > local secure storage for convenience while limiting the strong passwords > someone has to memorize to one. I would argue that the only functional > difference between a properly-configured password

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Paride Legovini
Thomas Goirand wrote on 27/04/2020: > On 4/27/20 12:18 AM, Paride Legovini wrote: >> It's still one static shared secret you need to enter every time. If it >> gets stolen, because your browser or your computer is compromised, or in >> a MITM attack where the attacker gained access to a valid certi

Re: Salsa update: no more "-guest" and more

2020-04-26 Thread Vincent Bernat
❦ 26 April 2020 15:04 -07, Russ Allbery: >> This is not how this is implemented. I am using GitHub and GitLab with >> 2FA enabled and I am rarely asked to enter any token. Once you get >> authenticated on a device, it remains for a long time. > > Pretty much every time I go to salsa.debian.org, I