In the old FreeBSD.org cluster, we had a nfs shared /etc/ssh-keys/$you file that you could read/write. The NFS share is gone and the keys are stored in our LDAP server instead.
How does one update them?
- Preferred: Send an email message to accounts@ that:
is signed with the private key corresponding to the public key in the Handbook;
- has your new key(s) attached;
- clearly states your intent (e.g., whether this is a complete key replacement, a partial one, or an addition);
- contains a hash (sha256 or md5) of each key that you intended to send.
- Fallback: Put your new keys in a file (eg: ~/new-ssh-keys) on freefall, then send a message to accounts@ (as above, but without the attached key(s).
- In desperation: Do the same sort of routine that new committers do: identify a committer who is willing to send the keys, and who is willing to vouch that the keys do actually correspond to you.
- Please be clear - if you want an additional key added, rather than deleting your old ones, be sure to say so.
Longer term: we're working on something to self-maintain these.. They'll be syntax checked (catching cut/paste errors) and you'll get an email whenever your keys are changed.
Sorry about the inconvenience, please bear with us.