monkeysphere [was: Re: authentication subkey]

Daniel Kahn Gillmor dkg at
Thu Oct 21 16:18:58 CEST 2010

On 10/21/2010 05:24 AM, Werner Koch wrote:
> Regarding ssh, there is no actual need for gpg.  You can use it but it
> is not required because usually you import an existing ssh key into
> gpg-agent.

To be clear, Monkeysphere uses GnuPG to have the SSH RSA key bound to
the user's OpenPGP identity.  Monkeysphere uses this to allow service
administrators to enable access to services by User ID (and to permit
re-keying, revocation, expiration, etc), using the WoT as the
certificate verification mechanism (and the keyservers as a certificate
distribution system).

Monkeysphere also works to let users identify servers (any ssh and https
server at the moment) through the OpenPGP web of trust.  Here's how to
publish your services' keys if you're interested:


	--dkg, one of the monkeysphere upstream developers

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20101021/b0bc61ca/attachment.pgp>

More information about the Gnupg-devel mailing list