Carl-Daniel Hailfinger wrote: > What happens to those who never logged in *from* a Debian/Ubuntu > machine? There's no reason to not let them keep their DSA key. The point, iiuc, is that if even one such key was sniffed, crank is compromised. At least that user's account, which is dangerous enough. -- Gary Oberbrunner