Answers to some common kernel.org account questions

Answers to some common kernel.org account questions

[Greg KH]

[-- Attachment #1: Type: text/plain, Size: 2861 bytes --]

We (the kernel.org team) have noticed a fair amount of confusion about
the procedure for the reinstatement of kernel.org accounts.  In an
attempt to clarify the situation, we have put together the following FAQ
file.

WHAT ARE WE DOING AT THIS TIME?

The first priority for kernel.org is to get the git trees back on line
so that subsystem maintainers can publish their patch streams and get
them into the mainline.  Other functionalities, such as email and file
uploads, will be restored later, as time allows.

WHO IS ELIGIBLE FOR A KERNEL.ORG ACCOUNT?

At this time, we are only providing access to developers who previously
hosted git repositories on kernel.org, and whose repositories have shown
activity after February, 2011.  At a later time we will be able to
consider creating accounts for developers with inactive trees or who
have not had a kernel.org account in the past.

DO I NEED A KERNEL.ORG ACCOUNT?

Possession of a kernel.org account is *not* necessary for contributors
to the Linux kernel.  As always, changes can be contributed through
trees hosted elsewhere, by direct posting of patches to a relevant
mailing list, or through a subsystem maintainer's tree.

WHY DO I NEED A PGP KEY?

A properly-signed PGP key is required to obtain access to kernel.org.
The purpose of this key is not to replace the trust that we have built
in each other over years of collaborative work; it is, instead, a way of
safely passing credentials in a world where the community has simply
grown too large for us all to know each other.

WHAT IS A PROPERLY-SIGNED KEY?

Anybody can create a PGP key in anybody's name.  To avoid forgery of
keys, we require that keys used for access to kernel.org be a part of
the kernel's ring of trust.  Joining the ring of trust is done by having
your key signed by other, well-known developer keys.  So we encourage
you to obtain as many signatures as you can reasonably obtain on your
key from fellow kernel developers at upcoming conferences or developer
meetups.

Specific geographically-isolated developers who are unable to obtain the
requisite signatures will be considered for access on a case-by-case
basis.

WHAT ABOUT FILE UPLOADS?

The "robot signing" of uploaded files that was used in the past is no
longer considered to be sufficiently secure, so a new policy has been
instituted.  A new tool ("kup") has been developed to help with the
implementation of that policy; it works in a manner similar to the
upload system used by the Debian project.

The kup tool will require developers to sign files with their PGP key
prior to uploading to kernel.org.  This mechanism will keep the private
signing keys from ever being stored on kernel.org (or any other server).
More information will be made available once the file upload capability
is restored.


[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]

Procedural requirements for restoring kernel.org accounts

[H. Peter Anvin]

Hi all,

In addition to Greg's points, we have had some problems with the way
some people submitting keys.

1. Please send your key fingerprints to <keys@kernel.org> (the former
   temporary address <keys@zytor.com> now forwards to this address.)

   In particular, keys sent to any other address including privately to
   me or John will not be processed.  Keys are being processed by John
   in batches to manage the workload.

2. Make sure your keys are uploaded to pgp.mit.edu (directly or
   indirectly) before you send them.

3. Make sure there is an encryption subkey associated with your key!
   If your key is a sign-only key you need an encryption key signed
   with your signing key; please give both fingerprints in the request.

4. If there is no signing path back to the kernel.org team people then
   please work with your fellow developers, co-workers etc. to obtain
   such a link.  If nothing possible sooner, there will be key signings
   at KS and LCE which are less than two weeks away.

	-hpa

Re: Answers to some common kernel.org account questions

[Willy Tarreau]

Hi Greg,

On Fri, Oct 14, 2011 at 09:21:00AM -0600, Greg KH wrote:
> WHAT ABOUT FILE UPLOADS?
> 
> The "robot signing" of uploaded files that was used in the past is no
> longer considered to be sufficiently secure, so a new policy has been
> instituted.  A new tool ("kup") has been developed to help with the
> implementation of that policy; it works in a manner similar to the
> upload system used by the Debian project.
> 
> The kup tool will require developers to sign files with their PGP key
> prior to uploading to kernel.org.  This mechanism will keep the private
> signing keys from ever being stored on kernel.org (or any other server).
> More information will be made available once the file upload capability
> is restored.

Please reassure me, we will only have to upload the sig, not the whole
file ? I'm assuming that it will still be possible to generate the files
from the git tree (which should produce the exact same file, hence the
same sig). I'm asking because uploading 2*75 MB kernels will take slightly
more than two hours at full load assuming the link does not break at all
during this time, while a git push of one hundred patches only takes a
few seconds. This is a huge difference in efficiency and reliability !

Regards,
Willy

Re: Answers to some common kernel.org account questions

[Greg KH]

On Sat, Oct 15, 2011 at 08:42:42AM +0200, Willy Tarreau wrote:
> Hi Greg,
> 
> On Fri, Oct 14, 2011 at 09:21:00AM -0600, Greg KH wrote:
> > WHAT ABOUT FILE UPLOADS?
> > 
> > The "robot signing" of uploaded files that was used in the past is no
> > longer considered to be sufficiently secure, so a new policy has been
> > instituted.  A new tool ("kup") has been developed to help with the
> > implementation of that policy; it works in a manner similar to the
> > upload system used by the Debian project.
> > 
> > The kup tool will require developers to sign files with their PGP key
> > prior to uploading to kernel.org.  This mechanism will keep the private
> > signing keys from ever being stored on kernel.org (or any other server).
> > More information will be made available once the file upload capability
> > is restored.
> 
> Please reassure me, we will only have to upload the sig, not the whole
> file ?

That is what we are working on doing, there are still a few things left
to resolve to enable this to work properly, which is why it hasn't been
implemented yet.

thanks,

greg k-h

Re: Answers to some common kernel.org account questions

[Willy Tarreau]

On Sat, Oct 15, 2011 at 09:18:29AM -0700, Greg KH wrote:
> > Please reassure me, we will only have to upload the sig, not the whole
> > file ?
> 
> That is what we are working on doing, there are still a few things left
> to resolve to enable this to work properly, which is why it hasn't been
> implemented yet.

OK, thanks :-)

Do not hesitate to tell me if I can help for anything.

Willy

Re: Procedural requirements for restoring kernel.org accounts

[Phillip Lougher]

On Fri, Oct 14, 2011 at 7:54 PM, H. Peter Anvin <hpa@zytor.com> wrote:

>
> 4. If there is no signing path back to the kernel.org team people then
>   please work with your fellow developers, co-workers etc. to obtain
>   such a link.  If nothing possible sooner, there will be key signings
>   at KS and LCE which are less than two weeks away.
>

I live in Wales which isn't overly blessed with kernel developers
(this probably counts as Greg's specific geographically-isolated
developers), and I am deliberately going to LCE next week to get close
enough to the requisite number of kernel developers.

I notice a key signing has been announced for the KS
(http://sites.google.com/site/kernelsummit2011/gpg-key-verification) @
4.30pm on Tuesday, open to all LCE attendees.   However, I'm sure I'm
not the only one who doesn't get into Prague early enough to go to
this.  So, will there be another key signing session held during the
three days of LCE, and will the procedure mentioned in the link above
("If you would like to participate, please send an e-mail to
prague-key-submission@googlegroups.com") apply too?

Thanks

Phillip

Re: Procedural requirements for restoring kernel.org accounts

[Ted Ts'o]

On Thu, Oct 20, 2011 at 09:33:20PM +0100, Phillip Lougher wrote:
> 
> I notice a key signing has been announced for the KS
> (http://sites.google.com/site/kernelsummit2011/gpg-key-verification) @
> 4.30pm on Tuesday, open to all LCE attendees.   However, I'm sure I'm
> not the only one who doesn't get into Prague early enough to go to
> this.  So, will there be another key signing session held during the
> three days of LCE, and will the procedure mentioned in the link above
> ("If you would like to participate, please send an e-mail to
> prague-key-submission@googlegroups.com") apply too?

If you're not going to be able to make the key signing on Tuesday,
please don't bother to send your key to
prague-key-submission@googlegroups.com, since that won't do much good.

Instead, I would suggest that you use the script called gpg-key2ps,
which can be found in a package called pgp-tools (Fedora/Red Hat/SuSE)
or signing-party (Debian/Ubuntu), or from the source tree found at
http://pgp-tools.alioth.debian.org.

This will print out your keys multiple times on a piece of paper, so
you can cut them into paper strips.  There will be many kernel
developers staying the whole week.  You can ask them to sign your key,
and then hand them one of the strips of paper.  You will need to
convince them of your identity; this can be done with government
issued ID, although some kernel developers may not be comfortable
doing this since they might not know what a Welsh identity card or UK
passport might look like.  So some kernel developers may only sign a
key if they know you personally.  Other kernel developers are willing
to trust government issued ID (I've been around the world enough so I
know what a UK passport looks like :-).

Regards,

						- Ted

Re: Procedural requirements for restoring kernel.org accounts

[Alan Cox]

> I live in Wales which isn't overly blessed with kernel developers

There are quite a few of us at least at the southern end of it (not
that I've actually generated a key yet).

> this.  So, will there be another key signing session held during the
> three days of LCE, and will the procedure mentioned in the link above
> ("If you would like to participate, please send an e-mail to
> prague-key-submission@googlegroups.com") apply too?

That sounds a good plan because I suspect LCE will have a number of
kernel hackers around who are not at KS, and KS will have plenty of us
who have gone home before LCE.

Re: Procedural requirements for restoring kernel.org accounts

[Ted Ts'o]

On Thu, Oct 20, 2011 at 10:09:22PM +0100, Alan Cox wrote:
> > this.  So, will there be another key signing session held during the
> > three days of LCE, and will the procedure mentioned in the link above
> > ("If you would like to participate, please send an e-mail to
> > prague-key-submission@googlegroups.com") apply too?
> 
> That sounds a good plan because I suspect LCE will have a number of
> kernel hackers around who are not at KS, and KS will have plenty of us
> who have gone home before LCE.

I was looking into setting up a separate key signing event at LCE, but
the schedule is really packed, so it wasn't clear we could find a slot
that would work for everyone.  Also, I simply ran out of time to try
to organize yet another key signing event.

This is why I suggested a more informal approach of people
pre-printing fingerprints on slips of paper which could be exchanged,
using something like gpg-key2ps.  If everyone comes prepared with
these slips of paper, we can either try to organize a room where it's
easier for people to find each other, or it can be done in an ad-hoc
fashion during the coffee/tea breaks.

						- Ted

Re: Procedural requirements for restoring kernel.org accounts

[H. Peter Anvin]

On 10/20/2011 02:16 PM, Ted Ts'o wrote:
> 
> I was looking into setting up a separate key signing event at LCE, but
> the schedule is really packed, so it wasn't clear we could find a slot
> that would work for everyone.  Also, I simply ran out of time to try
> to organize yet another key signing event.
> 
> This is why I suggested a more informal approach of people
> pre-printing fingerprints on slips of paper which could be exchanged,
> using something like gpg-key2ps.  If everyone comes prepared with
> these slips of paper, we can either try to organize a room where it's
> easier for people to find each other, or it can be done in an ad-hoc
> fashion during the coffee/tea breaks.
> 

Aren't there any BOF slots or something like that?

	-hpa

Re: Procedural requirements for restoring kernel.org accounts

[Phillip Lougher]

Ted Ts'o wrote:

> 
> If you're not going to be able to make the key signing on Tuesday,
> please don't bother to send your key to
> prague-key-submission@googlegroups.com, since that won't do much good.
> 

There's only one flight per day from Bristol to Prague and that gets in
too late sorry.  There would be no issue with Tuesday evening.  I could
re-book for Monday and pay an extra night in the hotel, but I'd rather
not do that unless absolutely necessary.

> 
> This will print out your keys multiple times on a piece of paper, so
> you can cut them into paper strips.  There will be many kernel
> developers staying the whole week.  You can ask them to sign your key,
> and then hand them one of the strips of paper.  You will need to
> convince them of your identity; this can be done with government
> issued ID, although some kernel developers may not be comfortable
> doing this since they might not know what a Welsh identity card or UK
> passport might look like.

Point taken, though UK like all other European Union passports are
standardized and look the same across the EU.

> So some kernel developers may only sign a
> key if they know you personally.

Wouldn't I still have this problem if I turned up to the KS key
signing session?

Regards

Phillip

Re: Procedural requirements for restoring kernel.org accounts

[Phillip Lougher]

Alan Cox wrote:
>> I live in Wales which isn't overly blessed with kernel developers
> 
> There are quite a few of us at least at the southern end of it (not
> that I've actually generated a key yet).

Well you must all be hiding pretty well then, because I live in the
southern end too (though Chepstow is hardly Cardiff or Swansea) :-)

Phillip

Re: Procedural requirements for restoring kernel.org accounts

[Aníbal Monsalve Salazar]

[-- Attachment #1: Type: text/plain, Size: 424 bytes --]

Hello,

Please restore my kernel.org account so I can work with the xfs kernel
developers. My gpg fingerprint is below.

pub   4096R/947897D8 2009-06-13
      Key fingerprint = C604 5C81 3887 B77C 2DFF  97A5 7C56 ACFE 9478 97D8
uid                  Anibal Monsalve Salazar <anibal@debian.org>
uid                  Anibal Monsalve Salazar <anibal@kernel.org>
sub   4096R/0702D942 2009-06-13

Thank you,

Aníbal

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 835 bytes --]