Difference between revisions of "Service/keys"

From Sugar Labs
Jump to: navigation, search
(Description: update link to SKS homepage)
(Description: update link to SKS)
Line 1: Line 1:
 
== Description ==
 
== Description ==
  
keys.sugarlabs.org is an OpenPGP [http://en.wikipedia.org/wiki/Key_server_(cryptographic) key server] powered by the [http://code.google.com/p/sks-keyserver/ SKS] keyserver software.
+
keys.sugarlabs.org is an OpenPGP [http://en.wikipedia.org/wiki/Key_server_(cryptographic) key server] powered by the [https://bitbucket.org/yminsky/sks-keyserver SKS] keyserver software.
  
 
We use [http://www.monkeysphere.info Monkeysphere] to allow users to [http://web.monkeysphere.info/doc/service-authentication-ssh/ authenticate our SSH host keys] using their PGP web of trust. Future plans include [http://web.monkeysphere.info/doc/ssh-user-authentication managing user keys] (authorized_keys) as well. Monkeysphere regularly searches for and fetches (potential) [http://tools.ietf.org/html/rfc4880 OpenPGP] keys for all users to check for new and/or revoked keys, which causes some load on keyservers. In order not to annoy operators of (other) public keyservers, we run our own. As a nice side effect we contribute back to the OpenPGP community by being [http://sks-keyservers.net/status/info/keys.sugarlabs.org part of] the [http://sks-keyservers.net/overview-of-pools.php SKS keyserver pool], similar to what we do for [[Service/time|NTP]].
 
We use [http://www.monkeysphere.info Monkeysphere] to allow users to [http://web.monkeysphere.info/doc/service-authentication-ssh/ authenticate our SSH host keys] using their PGP web of trust. Future plans include [http://web.monkeysphere.info/doc/ssh-user-authentication managing user keys] (authorized_keys) as well. Monkeysphere regularly searches for and fetches (potential) [http://tools.ietf.org/html/rfc4880 OpenPGP] keys for all users to check for new and/or revoked keys, which causes some load on keyservers. In order not to annoy operators of (other) public keyservers, we run our own. As a nice side effect we contribute back to the OpenPGP community by being [http://sks-keyservers.net/status/info/keys.sugarlabs.org part of] the [http://sks-keyservers.net/overview-of-pools.php SKS keyserver pool], similar to what we do for [[Service/time|NTP]].

Revision as of 04:53, 3 June 2012

Description

keys.sugarlabs.org is an OpenPGP key server powered by the SKS keyserver software.

We use Monkeysphere to allow users to authenticate our SSH host keys using their PGP web of trust. Future plans include managing user keys (authorized_keys) as well. Monkeysphere regularly searches for and fetches (potential) OpenPGP keys for all users to check for new and/or revoked keys, which causes some load on keyservers. In order not to annoy operators of (other) public keyservers, we run our own. As a nice side effect we contribute back to the OpenPGP community by being part of the SKS keyserver pool, similar to what we do for NTP.

  • Status as provided by the server itself
  • Status as monitored by the pool

Hostnames


Hosted on

Machine/lightwave


Administrative contact

systems AT sugarlabs DOT org


Sysadmins

For non-emergency calls, preferably send email to the administrative contact.


Notes

Upgrade notes

See Also