On Wed, 9 Jun 2004, Martin Simmons wrote:
Sorry, I'm not sure what I'm supposed to do here. Is this public key related to the ~/.ssh/id_dsa.pub file that was generated by ssh-keygen? I don't have gpg on the Mac where I ran this.
Apologies, I should have been clearer in the original message.
We treat developer GPG public keys as an opaque identities: if we need to confirm that the person we're dealing with tomorrow is the same one that originally got the account, or eg. in order to send out a passwords encrypted. After the recent attack we're tightening up our procedures on this front as well.
The pubkey.asc is entirely a GPG affair, unrelated to SSH. As long as nothing untowards happens the matter of your GPG public key is not urgent.
If/when you have the occasion, installing GPG and uploading the public key to your home directory would be a good insurance. If you have GPG installed on some other computer you can of course export the key from there as well -- the GPG keys are personal, not per computer like SSH keys.
Cheers,
-- Nikodemus "Not as clumsy or random as a C++ or Java. An elegant weapon for a more civilized time."