General LDAP Documentation

debian.org uses a single LDAP driven directory for account management across all the project run machines. This directory also provides services for leaving vacation notices, updating xplanet coordinates, email forwarding, ssh authentication keys and other information.

Note: the 'passwd' program and 'chfn' do not work with LDAP information. Please use the web page or email gateway for the time being. All machines running OpenSSH are using replicated SSH RSA authentication keys.

Security and Privacy

Three levels of information security are provided by the database. The first is completely public information that anyone can see either by issuing an LDAP query or by visiting the web site. The next level is developer-only information that requires the search to be performed from a .debian.org machine (see this tutorial on how to use ldapsearch from a .debian.org machine for a direct connection to the LDAP daemon) or from the web interface after one has authenticated themselves as a Debian Developer. The final level is admin-only or user-only information; this information can only be viewed by the user or an administrator.

developer-only information includes precise location information [postalcode, postal address, lat/long] telephone numbers, and the vacation message.

Admin-only/user-only information includes email forwarding, ssh keys and the encrypted password. Note that email forwarding is necessarily publicly viewable from accounts on the actual machines.

Entries in the directory are keyed to the developers PGP key, whoever has that key can make any change to the directory through the mail interface.

Access

The directory has several means to access it:

Lost or forgotten password instructions


You can contact us at admin@db.debian.org.

Last Modified: Mon, Apr 25 02:52:03 UTC 2016
Copyright © 1997-2016 SPI; See license terms
Debian is a registered trademark of Software in the Public Interest, Inc.