Contacting us securely

The HP Helion Eucalyptus security response team can use a GNU Privacy Guard (GnuPG or GPG) key to secure communications. Mail sent to euca-security@hp.com can be encrypted with this public key. We expect to change the key we use from time to time. Should we change the key, the previous key will be revoked and the new one will be posted on the web site.

15ce00fc: Security team <euca-security@hp.com>

This key is used for communicating securely with the HP Helion Eucalyptus security response team and for signing the security advisories posted to mailing lists.

Please do not send messages encrypted with this public key to any address other than euca-security@hp.com. We are unable to accept any non-security-related email which is encrypted with this public key.

Software signing

We use a number of GPG keys to sign our software packages and package repositories. The necessary public keys are provided with the relevant products and can be used to automatically verify software updates. You can also verify the packages or package repositories manually using the keys on this page.

Run the following command to verify a RPM package for an HP Helion Eucalyptus product:

rpm --checksig -v <filename>.rpm

Follow the procedure detailed on Debian's SecureApt web page to verify a deb package for an HP Helion Eucalyptus product.

Please do not use package signing keys to encrypt email messages. Refer to the contacting us securely section for secure communication information.

c1240596: HP Helion Eucalyptus (release key) <euca-security@hp.com>

This key is used for signing HP Helion Eucalyptus products released after July 2011 and their updates.

0260cf4e: HP Helion Eucalyptus (pre-release key) <euca-security@hp.com>

This key is used for signing HP Helion Eucalyptus pre-release products due for release after July 2011.

9d7b073c: HP Helion Eucalyptus (nightly release key) <euca-security@hp.com>

This key is used for signing nightly builds of HP Helion Eucalyptus products published after July 2011.