Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 109840 - Add new dsa pubkey at authorized_keys
Summary: Add new dsa pubkey at authorized_keys
Alias: None
Product: Gentoo Infrastructure
Classification: Unclassified
Component: Developer account issues (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Infrastructure
Depends on:
Reported: 2005-10-19 11:50 UTC by Enderson Tadeu S. Maia (RETIRED)
Modified: 2005-10-20 09:57 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Enderson Tadeu S. Maia (RETIRED) gentoo-dev 2005-10-19 11:50:47 UTC
I need you to add new dsa pubkey so I can access my devbox, my notebook is on
repair, I'm working just with the Windows box at work. 

add this pubkey


Reproducible: Always
Steps to Reproduce:
Comment 1 Corey Shields 2005-10-19 12:40:16 UTC
re-submit the key signed by your gpg key (0x8B36AE49) please 
Comment 2 Enderson Tadeu S. Maia (RETIRED) gentoo-dev 2005-10-20 07:01:16 UTC

My GPG key is on my notebook, is there another way ?
Comment 3 Andrea Barisani (RETIRED) gentoo-dev 2005-10-20 07:18:07 UTC

We need to authenticate you and we can't do that without a signed message or
confirmation that you are who you say you are from devrel and/or your mentor.
Comment 4 Corey Shields 2005-10-20 08:37:14 UTC
I sent this to -core twice..  First on 8/19 and then on 9/12.  Now I will post
it here because you obviously missed it the first two times:

----------  Forwarded Message  ----------

Subject: [gentoo-core] SSH and GPG Key reminders..
Date: Friday 19 August 2005 01:20 pm
From: Corey Shields <>

Couple of reminders about your ssh and gpg keys:

- Passwordless ssh keys for getting into Gentoo infrastructure is a bad
practice.  It becomes a security liability if the box you have your key on
ever becomes compromised.  Please keep a passphrase on your key.

- It may be a good idea to keep a copy of your private ssh key in a secure
location, if you have a secure location you can keep it in.

- If you happen to lose your private key, e-mail
with a note -that is signed with your gpg key- to start a recovery procedure.
This should ring a bell that if you do not have a backup of your gpg keyring
somewhere and you lose both at once, you could become screwed.

- As for gpg keys, everyone should have a paper copy of their revocation key
on file in a secure location somewhere.  If your private gpg key is ever lost
or compromised, you can then use the revocation certificate to mark that key
as invalid on the keyservers.  Otherwise, "no expiration" keys will remain
marked as valid forever in the ether.



Corey Shields
Gentoo Linux Infrastructure Team
Gentoo Foundation Board of Trustees
Comment 5 Lance Albertson (RETIRED) gentoo-dev 2005-10-20 09:19:26 UTC
Corey: Do you remember if we have this documented on our site somewhere for our
developers? New folks wouldn't have gotten this email (since we dont' have
archives). Anyways, if we dont' have it documented, we need to get with devrel
and  *make sure* we have it documented on our project page or on theirs. I'm
guessing this is more of an issue where we need this on our page. :-)
Comment 6 Enderson Tadeu S. Maia (RETIRED) gentoo-dev 2005-10-20 09:49:48 UTC
So let's wait for my notebook get back.
Comment 7 Corey Shields 2005-10-20 09:57:57 UTC
Ok.  will close the bug