return to home page of -
        Starshine Technical Services :
        Sysadmin Support and Training

Jim Dennis: Computer Identity Keys

Jim Dennis' PGP/GPG Signature

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

mQGiBDpOpaoRBADb7348hPzHx/irDf7xhe6ajCB+VOlvbDI3GZ33bjfp+GE/09Vr
8/A55iFU2604mt+KnloFeDPq32okjQSIZ0BzptaIGE4zMkXe2jhS84JrDcskH6iu
RWNXmSs3/s6H0ZRIeDw3ivP1VybRZxNLgveZE3QKsmKL9ryKit/20oy5GwCggGPj
SBl3s+7qgP8Obm7nXJVNIUMD/RGI92NSX4aDC3WNMhtUH+2neB2Xwp/ykf1MGPIg
5D47o1u1GxyKiDmMYw2EzyVeTnF4P8TVZTOp+XorAXZ7f26ibFUTaGV/acCjlxTF
Kbn1O0NyxXW3mGMni2QZfAcagV8JC3TbKq7hY7KgJDNy3UUFZx/LZuqaIPaEtC+I
IIUABADCwgu8B8v9pPiM9zImKXWpa5bYjfndS87mA1oyvydb63oSJKuxAalDFKxs
aVpELGElRi3ZVISyPx+z1HObLqZFZUurBF4kiZyLodOQ6uC1Ukdi7DmQX4lKADAk
0tTAc0FkVy4zIwJwfmhtLgLSNR6XAXtDiy7Hdj/uMc5u7YTVlrQfSmltIERlbm5p
cyA8amltZEBzdGFyc2hpbmUub3JnPohdBBMRAgAdBQI6TqWqBQkDwmcABQsHCgME
AxUDAgMWAgECF4AACgkQIGV97BI+xjEzPwCeO2xJfEfNytlxsWy5cdXlh8g6RGwA
nRGnYzDFKrFwC5N8MYm5DCfO73MdiEYEEBECAAYFAjpPYBkACgkQF1SnKaZaijVP
BwCeLXMC5nqRG5zLeSjSepDujaZbNvgAn3VzZK+ocFHtfnCB2O61pv8vArMOiEYE
EBECAAYFAjpzahgACgkQ2tp5zXiKP0xnMQCglVF5OFKTNh8xd44D7nleTvvso/4A
n2nwr+qzpIPWaDjvyM+XMtXnh7vCuQENBDpOpbAQBAC4He9Q88/agpSVeYZs2O4r
+UfTNs9zQ5AOTvg7QWCMGZjirbYnjwIY3RU/oaB/cVqA0SW/L/jlMgPY0PgTcgZB
fOto6A0zOckt8u1N2CPJC41XWxShkUjtBPs/lkvlpUO7Sk8H/HR6cg/0i+sUJ3GY
5qFrjdO7mHDBaGNr0ka87wADBQQAkjWMyAWv634pUlo+FEa2go3meqtcAwqn/Ckc
GEC3r1Cg5cdWFzSvXz+Lxh34IFYFp5Y8YCbsaBDS74Hr1y5WWZT83EAQcqtwqx3h
jHX1i/SJ8VF+o0Z5u8Vzg1pZu5fIvPZtvLPWvXltOhrKcIhXvXPSqr29+ZC7L15F
Hq8YUpeITAQYEQIADAUCOk6lsAUJA8JnAAAKCRAgZX3sEj7GMWwuAJ4j88WCruKA
6eEE07nnL09jRol5MQCdGwg/SxFomLP74PeZDg8YEU5gYt4=
=Q8RG
-----END PGP PUBLIC KEY BLOCK-----

You can use this key and GNU Privacy Guard (GnuPG or GPG) to send encrypted e-mail to me or to verify my signature on mail to you. You could also use this key to decrypt mail from me to you (assuming I had your key).

Of course you could also get a copy of my key from any public key server using a command like:

gpg --keyserver pgp.mit.edu --recv-keys '0x123EC631'

You shouldn't trust that this is really "Jim Dennis'" key unless you check the signature in some way. The copy of my key on the key server network may have been signed by various people who have met me in person and/or who have established to their satisfaction the validity of my key. If you check those signatures, and the signatures of their signers, etc until you've found someone you know personally then you're using the "web of trust" to gain some confidence that this key really was published by Jim Dennis.

If you need to call me (and you have some reasonable assurance that you'd recognize my voice) you could ask me to verify the fingerprint for my key; which you could extract from my purported key (above) and which should look like:

pub  1024D/123EC631 2000-12-31 Jim Dennis 
     Key fingerprint = 66A0 25A0 57AF 963C 414C  0DD7 2065 7DEC 123E C631
sub  1024g/2EACCEDE 2000-12-31 [expires: 2002-12-31]

As you can tell, this key management stuff is tough.

Jim Dennis' SSH Public Identity

The best way to give me remote access to an account on one of your computers is to install the OpenSSH or the commercial SSH daemon and to paste/append the following key into a proper .ssh/authorized_keys file:

1024 35 146621959799235303804579351098644997441855595031811616935704085520828028958021462469824420153551172291936727944088512872946884776887305833680227634085276402132876678409542483984395775065318597449506630117903970047666389101342414927041227279296655474817874211352291808025721833389641274269385914283653482677879 jimd@mars

Of course, you should probably notify me before you do this. Better, you should probably request that I send a specially cut new key via a signed bit of e-mail (see above). That will ensure that you're really giving access to me and not some imposter.

When I'm providing remote support, I frequently have to walk people through the process of installing and configuring an sshd, creating an account copying my key into an authorized_keys file and setting the permissions as appropriate.

Here's a little shell script to do that (run as root if and only if you don't already have a user named jimd):

#!/bin/sh
useradd -m jimd
umask 077
mkdir ~jimd/.ssh || exit 1 
chmod 0700 ~jimd/
chmod 0700 ~jimd/.ssh
cat <> ~jimd/.ssh/authorized_keys 

1024 35 146621959799235303804579351098644997441855595031811616935704085520828028958021462469824420153551172291936727944088512872946884776887305833680227634085276402132876678409542483984395775065318597449506630117903970047666389101342414927041227279296655474817874211352291808025721833389641274269385914283653482677879 jimd@mars
KEY

Of course, if you're a paying customer, I'll be happy to walk you through this process over the phone. Our voice mail number is (800) 938-4078 (telephone solicitors will be treated rudely). My cell phone number is (650) 279-4059 (telephone solicitors will be treated very rudely).