On 2013-05-12 14:20, Thomas Goirand wrote: > On 05/12/2013 05:54 PM, Niels Thykier wrote: >> You probably want to sign the key. >> >> ~Niels > Can an ssh key be pgp signed? I didn't know. > How do I do that? > > Thomas > >
The key can be GPG signed like any other text file. If you clear sign it like David did, the file itself cannot be used directly (i.e. the receiver have to extract the SSH key first). Alternatively you could have included a link to a detached signature. Example: http://www.gplhost.com/ssh-pubkeys/zigo http://www.gplhost.com/ssh-pubkeys/zigo.asc Either way would provide a way to verify that the key publish over HTTP is from/approved by you. ~Niels -- To UNSUBSCRIBE, email to debian-qa-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/518f8ac3.4020...@thykier.net
