SSH keys used to sign data outside of their validity periods should be classified as compromised; only trust SSH keys used within their validity periods.
Each SSH key is signed with the previous key, allowing verification of the chain-of-trust. You can download my public keys and their signature files via their ID links in the table below.
It is strongly recommended that you verify the entire chain, which can
be performed by adding each of my public keys to SSH's allowed_signers file,
then running the following command for each key:
ssh-keygen -Y verify -f <allowed_signers file> -I <signer name/email address> -n file -s <signature file of file-to-verify> < <file-to-verify>
You can use my base allowed_signers file
in lieu of your own, or inject its contents into your own.
| ID | Public Key | Fingerprint | Validity Start | Validity End |
|---|---|---|---|---|
|
(Sig) |
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHSJTj7ksjVys/nBy3H6Tn+AwJlzLG9RUAtNOBPAaEtj |
SHA256:/O3c09/4f1lh4zrhFs2qvQEDda6dZbTwG9xEcj8OfWo |
2025-06-23 | Present |
|
(Sig) |
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ7xGvfyArrAwOAzjnkPIWYmLzX4JAxjrqpzkDBMycQS |
SHA256:K/a677+eHm7chi3X4s77BIpLTE9Vge1tsv+jUL5gI+Y |
2024-04-01 | 2025-06-23 |
|
(Sig) |
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHPGnrIg7dI7GUqA+lTztJSrn+7QyRceajqs4iaU8UG |
SHA256:FtEVfx1CmTKMy40VwZvF4k+3TC+QhCWy+EmPRg50Nnc |
2023-07-27 | 2024-04-01 |
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINs8UH2hVmNSg0qKig/9ZQt07IuOHsorRfw1doEgMuJ8 |
SHA256:9Pl0nZ2UJacgm+IeEtLSZ4FOESgP1eKCtRflfPfdX9M |
2023-01-01 | 2023-07-27 |