<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Debian Project -- General LDAP Documentation</title> <link rev="made" href="mailto:webmaster@debian.org"> <meta name="Generator" content="WML 2.12.2"> <meta name="Modified" content="2023-09-21 13:36:50"> <link href="/js/datatables.min.css" rel="stylesheet" type="text/css"> <link href="/debian.css" rel="stylesheet" type="text/css"> <link href="/debdb.css" rel="stylesheet" type="text/css"> <link href="/debian-en.css" rel="stylesheet" type="text/css" media="all"> <script language="javascript" type="text/javascript" src="/js/jquery/jquery.js"></script> <script language="javascript" type="text/javascript" src="/js/datatables.min.js"></script> <script language="javascript" type="text/javascript" src="/js/debdb.js"></script> </head> <body> <div id="header"> <div id="upperheader"> <div id="logo"> <a href="https://www.debian.org/"><img src="/Pics/openlogo-50.png" width="50" height="61" alt=""></a> </div> <!-- end logo --> <p class="section"><a href="/">db</a></p> </div> <!-- end upperheader --> <!--UdmComment--> <div id="navbar"> <p class="hidecss"><a href="#inner">Skip Quicknav</a></p> <ul> <li><a href="https://www.debian.org/intro/about">About Debian</a></li> <li><a href="https://www.debian.org/News/">News</a></li> <li><a href="https://www.debian.org/distrib/">Getting Debian</a></li> <li><a href="https://www.debian.org/support">Support</a></li> <li><a href="https://www.debian.org/devel/">Developers'&nbsp;Corner</a></li> <li><a href="https://www.debian.org/sitemap">Site map</a></li> <li><a href="http://search.debian.org/">Search</a></li> </ul> </div> <!-- end navbar --> <p id="breadcrumbs"><a href="./">db.debian.org</a> &#x2F;</p> </div> <!-- end header --> <!--/UdmComment--> <div id="content"> <h1 class="h1class">General LDAP Documentation</h1> <div id="second-nav"> <p> <ul class="cdmenu"> <li>General Documenation <ul> <li><a href="machines.cgi">Development machines</a><li> <li><a href="https://www.debian.org/devel/dmup">Machine Usage Policies</a><li> <li><a href="https://dsa.debian.org">DSA Wiki</a><li> </ul> </li> <li>LDAP Documentation <ul> <li><a href="doc-general.html">General LDAP Documentation</a></li> <li><a href="doc-direct.html">Direct LDAP Access</a></li> <li><a href="doc-mail.html">LDAP Mail Gateway</a></li> <li><a href="password.html">Lost or forgotten password instructions</a></li> <li><a href="forward.html">Debian.org Email Forwarding</a></li> </ul> </li> </ul> </p> </div> <p> debian.org uses a single LDAP driven directory for account management across all the project run <a href="/machines.cgi">machines</a>. This directory also provides services for leaving vacation notices, updating <a href="https://www.debian.org/devel/developers.loc">xplanet</a> coordinates, email forwarding, ssh authentication keys and other information. <p> Note: the 'passwd' program and 'chfn' do not work with LDAP information. Please use the web page or email gateway for the time being. All machines running OpenSSH are using replicated SSH authentication keys. <h1>Security and Privacy</h1> <p> Three levels of information security are provided by the database. The first is completely public information that anyone can see either by issuing an LDAP query or by visiting the web site. The next level is <em>developer-only</em> information that requires the search to be performed from a .debian.org machine (see <a href="doc-direct.html">this tutorial</a> on how to use ldapsearch from a .debian.org machine for a direct connection to the LDAP daemon) or from the web interface after one has authenticated themselves as a Debian Developer. The final level is <em>admin-only</em> or <em>user-only</em> information; this information can only be viewed by the user or an administrator. <p> <em>developer-only</em> information includes precise location information [postalcode, postal address, lat/long] telephone numbers, and the vacation message. <p> <em>Admin-only/user-only</em> information includes email forwarding, ssh keys and the encrypted password. Note that email forwarding is necessarily publicly viewable from accounts on the actual machines. <p> Entries in the directory are keyed to the developers PGP key, whoever has that key can make any change to the directory through the mail interface. <h1>Access</h1> <p> The directory has several means to access it: <ul> <li><a href="https://db.debian.org/login.html">SSL Web Forms</a> <li>Finger gateway, <tt>finger foo@db.debian.org</tt> <li>GPG key gateway, <tt>finger foo/key@db.debian.org</tt> <li><a href="doc-mail.html">Mail gateway</a> <li><a href="doc-direct.html">Direct LDAP Access</a> <li>LDAP command line tools such as <tt>ud-info</tt> </ul> <p> <a href="password.html">Lost or forgotten password instructions</a> <hr noshade width="100%" size="1"> <small> You can contact us at <a href="mailto:admin@db.debian.org">admin@db.debian.org</a>. </small> <p> <p><small> Last Modified: Mon, Mar 28 15:36:36 UTC 2022 <br> Copyright &copy; 1997-2022 <a href="http://www.spi-inc.org/">SPI</a>; See <a href="https://www.debian.org/license" rel="copyright">license terms</a><br> Debian is a registered trademark of Software in the Public Interest, Inc. </small></p> </body> </html>