Service/keys
< Service
Jump to navigation
Jump to search
We use Monkeysphere to allow users to authenticate our SSH host keys using their PGP web of trust. Future plans include managing user keys (authorized_keys) as well. Monkeysphere regularly searches for and fetches (potential) OpenPGP keys for all users to check for new and/or revoked keys, which causes some load on keyservers. In order not to annoy operators of (other) public keyservers, we run our own. As a nice side effect we contribute back to the OpenPGP community by being part of the SKS keyserver pool, similar to what we do for NTP.