Talk:GPG Signatures

From Funtoo
Jump to navigation Jump to search

Please note & edit the user type used for gpg admin tasks such as adding / updating keys etc. The user should be a regular user and does not require root privileges.

The changes should be made to the 3 sections I outlined below. They appear in the 3 colour shaded panels on the documentation page.

Thank you ~SJR~

root # gpg --recv-key E986E8EE root # gpg --edit-key E986E8EE gpg> trust Your decision? 5 Do you really want to set this key to ultimate trust? (y/N) y gpg> quit

root # gpg --recv-key 11FD00FD 683A2F8A BEA87CD2 EEE54A43 62DD6D47 6B365A89


root # gpg --verify stage3-latest.tar.xz.gpg stage3-latest.tar.xz


=

2021-12-01: When testing this from an instantlled funtoo system, I had to add a --keyserver flag to the recv-key command:

gpg --keyserver pgp.mit.edu --recv-key E986E8EE

HKP Protocol and keyservers

I have never bothered to change my firewall to let these gpg calls through, but I don't need to because you can use the hkp://:80 protocol to get the data through port 80. This is useful if you can't change your firewall settings.

You don't need to include the whole key in the first command, just the last 8 digits. Useful if you are not ssh'd in.

I often have problems getting keyservers to respond, so the most reliable I have found is keyserver.ubuntu.com. Suggest adding a note in case anyone is stuck.

Retrieved from "https://www.funtoo.org/index.php?title=Talk:GPG_Signatures&oldid=43255"