User Tools

Site Tools


userdoc:accounts

This is an old revision of the document!


How to get a kernel.org account

Kernel.org accounts are reserved for Linux kernel maintainers or high-profile developers. If you do not fall under one of these two categories, it's unlikely that an account will be issued to you. If you would like to apply for an account, please e-mail the following information to helpdesk@kernel.org, with the subject "Account request for Your Name":

  • preferred username
  • address where to forward your username@kernel.org mail (must match one of the UIDs on your key)
  • reason for requiring a kernel.org account
  • attach your public key to the request (see below)

:!: If we find an A (authentication) subkey on your PGP key, we will assume you will want to use that for your ssh access. If that is not the case, please mention it in the request and you'll be issued a new ssh private key instead.

The Kernel.org admin team will then review your request and you should receive a response back within a few days. If you are listed in MAINTAINERS and have enough signatures on your PGP key to be in the web of trust, your account will be issued without delay.

Exporting your public key

We no longer rely on the keyservers for signature information, so please attach a copy of your public key to the request. You can generate it using the following command:

gpg2 -a --export --export-options export-clean [YOURKEYID] > export.asc

Mind the PGP Web of Trust

We use the PGP web of trust to help ensure that only trusted kernel developers are able to get an account on kernel.org. Before you send the email, make sure that your PGP key is signed by as many kernel developers as you can contact. PGP signing events at conferences are usually a good place to start, or you can find kernel developers who live in your area. Mailing lists such as linux-kernel@vger.kernel.org can be of help when you are trying to find kernel developers in your area.

You can also check the key signing map for kernel developers in your area. If meeting in physical space is not an option for you due to travelling or quarantine restrictions, you may prefer to arrange a video conference call for the same purpose.

:!: Remember, the goal is not to verify someone's government-issued credentials, but to build a web of trusted contributors. When you are signing someone's key, you are effectively stating: "I have worked with this person and I vouch for their identity by signing their key with my own."

With extremely rare exceptions, accounts will not be issued until the PGP key fully validates.

userdoc/accounts.1586274233.txt.gz · Last modified: 2020-04-07 15:43 by mricon