PGP key

My personal PGP key is the following: 0x842807a84573cc96.

pub   4096R/4573CC96 2014-06-23 [expires: 2019-07-01]
      Key fingerprint = E722 B5B7 3CA7 FA93 5FC1  AA09 8428 07A8 4573 CC96
uid                  Pierre-Olivier Mercier <>
sub   4096R/9D2855C3 2014-06-23 [expires: 2019-07-01]

I use PGP on a daily basis: each e-mail I sent is at least signed. Don’t hesitate to send me encrypted or signed message.

My keyring is stored on a tamper resistant USB token (a Nitrokey Pro). This is the only method I use to sign, encrypt or authenticate.


My key is also available through OpenPGP DANE. You can retrieve it using gpg via:

gpg2 --auto-key-locate clear,dane -v --locate-key

I used this script to generate the record. With modern version of gnupg, it is also possible to get the DNS entry with the following command:

gpg2 --export-options export-minimal,export-dane --export 0xKEYID

SSH Authentication

Sometimes I use my dedicated PGP key to log me on a remote SSH server. Here is its corresponding public ssh key :

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCnABr9AhXL9AYBQnM0GRcR9yLaKheLcxXykTSEbKP4X/R5BElSS5iF+T+MPi1ym7AtcuFcHXqNdEhb3j6zvqk3sY069sg0zio/jQzWTtKjYVtCiE4SleFrb5I012IwFhPCUArVqhHrfuj8wtg5isl1CSIYii+bpFLbrAGqBcydfcN/Z/vd7jbGEdmHR1RYwE+TzJl1aPiWpqMg9PyaJudNcuxrWjHcHtAomT0CGn2OGREUZS9rcFomCqw7JW9moaWqDSaW+aNX+xTJISo6TiAB4nNOpvTMl6BWPJ5e2eqn4xQACuTb/EVCuAJGeQ8BQudanxRXrfpdgHATsJxldTau2CCmIrZrg2We0ZfiGZ7KEwf3isAyzH9FK/gmb29XeDfvE/UpTTijaPo8xgiH3Ag0ZBk1wb3PVneN9fQGpVogOxR/HwfqOl376N6kTQIhvAFaU/wJnHQ4Z0CBekOxC9XptrihUdW7ashP6arrhYzlyNUPrRGiLmab9jsqsvP7aDRFEpWa/cd9nD2Mp1JNj51ZeqwT5Juo3ElMCfoTy5IAyc6QUTtIdYRgukLjiO8k5NBi8/Yzm1lNzf3cRZdh5ZIS0AUO2Celi97WXiHrU841OqsuMBgdCDnOuG3X8qU+pyT7836XSjglLEwABtXUSWULf06AoPVJe4+cxi3NWfxJiQ==

Teaching PGP

Each year, I ask my students at EPITA, a French computer science school, to sign their work when they send them to me, by e-mail.

As it is not always easy for them, I developed a script to automatically check the correctness of their signature: peret.