-[[meta title="Setup test public server/gpg key"]]
+[[!meta title="Setup test public server/gpg key"]]
It would be really useful for people trying out the monkeysphere to be able to
test it with a participating server as soon as they've finished setting things
-- Big Jimmy.
-> Maybe we should use George? As you point out - it doesn't actually
-> have to do any user authentication. It seems like a waste to have a
-> virtual machine that does nothing but deny people's ssh connections.
-> And - george is already setup and ready to go.
-> -- Sir Jam Jam
+---
+
+Maybe we should use George? As you point out - it doesn't actually
+have to do any user authentication. It seems like a waste to have a
+virtual machine that does nothing but deny people's ssh connections.
+And - george is already setup and ready to go.
+-- Sir Jam Jam
+
+---
+
+I like the idea of using George for this. There's nothing wrong with
+denying people's ssh connections. Also, we could make public user
+account with limited shells that we could add User IDs that we want to
+encourage to try out the monkeysphere from that perspective. For
+example, if one of the George admins who is listed as an
+identity-certifier has already certified Foo T. Bar's key, we could
+write a simple note like:
+
+ Dear Foo T. Bar--
+
+ The user account "foo@george.riseup.net" has been created for
+ you. You can ssh into it by adding an authentication subkey
+ to your OpenPGP key and publishing it to the public keyservers
+ (or to george.riseup.net). The easiest way to do this is with
+ the monkeysphere.
+
+ You can verify george's ssh host key with the monkeysphere
+ before you connect to the host. Here's how...
+
+--dkg
+
+---
+
+So do we agree that george is doing what we want, and we can therefore
+close this bug?
+
+-- BJ (jgr)
+
+---
+
+I'm fine with closing this bug, unless we want to set up the limited
+shell access/welcome letter like i described above. If we want to do
+that, it'd be worth keeping it open until those scripts are written.
+
+I envision a script you'd invoke like:
+
+ root@george# addmsuser foo 'Foo T. Bar <foo@example.org>'
+
+Which would create the `foo` account, populate
+`~foo/.monkeysphere/authorized_user_ids`, make a note in a log
+someplace, and send a welcome letter.
+
+--dkg
+
+---
+
+That idea really seems like a lot more trouble than it's worth to me,
+and I'm not really willing to maintain it myself, but if someone else
+wants to handle that, that would be fine with me.
+
+-- jgr
+
+---
+
+i'm not really willing to maintain anything extra either, so i'm
+closing this ticket as [[bugs/done]].
+
+--dkg