Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 29 Dec 2006 08:40:14 -0700
From:      "Wesley J. Landaker" <>
Cc:        Kelly Jones <>,,,
Subject:   Re: [NMLUG] Signing a document with my SSH key, not a PGP key?
Message-ID:  <>
In-Reply-To: <>
References:  <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Content-Type: text/plain;
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

On Friday 29 December 2006 07:46, Kelly Jones wrote:
> I want to sign a document with ~/.ssh/id_dsa so that people who have
> my public SSH key (~/.ssh/ can confirm that it's from me. I
> don't want to encrypt the document, just sign it.
> How can I do this? Is it a good idea? Does ssh-keysign (which is
> disabled by default) play into it?
> I know how to sign things using a PGP key, but was wondering if an SSH
> key would work as well?

Which you can make a signature with pretty much any public key, signing=20
things with an SSH key is a very ODD thing to do and doesn't have any=20
support infrastructure.

If you really want to do it, see=20
which basically just lets you wrap an SSH DSA key and sign with it. It=20
won't make pretty cleartext signatures or whatnot.

If you instead really want to have a unified SSH/OpenPGP infrastructure, yo=
could use <>; which lets you login=
SSH with OpenPGP keys instead of standard SSH keys.

Or, just use the OpenPGP infrastructure for what it's meant for (encryping,=
signing, web-of-trust), and use SSH keys for what they are meant for=20
(point-to-point network authentication) and if you want to correlate them,=
you can sign your SSH key with your OpenPGP key.

Wesley J. Landaker <> <>
OpenPGP FP: 4135 2A3B 4726 ACC5 9094  0097 F0A9 8A4C 4CD6 E3D2

Content-Type: application/pgp-signature

Version: GnuPG v1.4.6 (GNU/Linux)



Want to link to this message? Use this URL: <>