From the ‘What a Relief’ files:
After being offline for just over a month, kernel.org is up and running today.
Late Monday, Greg Kroah-Hartman noted that the git.kernel.org site had been restored, and was the place he put the new Linux 3.0.4 kernel. I personally wasn’t able to get to the git.kernel.org site immediately (new DNS pointers), but by Tues AM both git.kernel.org and www.kernel.org service appears to be fully restored.
The outage came after a breach where a compromised kernel developer somehow infected kernel.org’s infrastructure.The kernel.org maintainers have not yet written up a full incident report as they are still working on restoring and securing the site.
“We have taken the time to rearchitect the site in order to improve our systems for developers and users of kernel.org,” a note on kernel.org states. “To this end, we would like all developers who previously had access to kernel.org who wish to continue to use it to host their git and static content, to follow the instructions here.”
Well we know that Greg Kroah-Hartman has access (and Linus Torvalds’ too), it’ll take some time till everyone gets back on board.
To my layperson’s eye, it looks like the new system is on new IPs (hence the DNS change) and takes a more layered approach to security than just a typical generic SSH login approach with public/private keys. The crypto strength that kernel.org is now enforcing is also higher.
New PGP/GPG keys are now supposed to all be 4096-bit RSA keys (i suspect that many devs were using something smaller before).
In any event, it’s great to have kernel.org back and I’m looking forward to learning more about the exploit and the new security mechanisms in place. After all, this will likely server as a great best practice case study for how to properly secure distributed development.