tuxmartin/gist:bfac625f6cca796ab6cbf7c86ae2e663

## gistfile1.sh
martin@martin:~/gpgtest$ cat parametry_klice.txt
Key-Type: RSA
Key-Length: 4096
Subkey-Type: 1
Subkey-Length: 4096
Name-Real: Podepisovani SSH
Name-Email: root@localhost
Expire-Date: 0
martin@martin:~/gpgtest$ $
martin@martin:~/gpgtest$ gpg --batch --gen-key parametry_klice.txt

martin@martin:~$ gpg --list-secret-keys --keyid-format LONG
/home/martin/.gnupg/secring.gpg
-------------------------------
sec   4096R/8CBF8BDC24670CE3 2018-02-07
uid                          Podepisovani SSH <root@localhost>
ssb   4096R/8131435CCBAF0A12 2018-02-07

martin@martin:~$

martin@martin:~/gpgtest$ gpg -a --export-secret-key root@localhost > zaloha_soukromeho_klice.txt

	# klic nesmi bit v ascii formatu, ale musi byt vyexportovany v binarnim formatu, jinak nejde pouzit jako klicenka bez importu
martin@martin:~/gpgtest$ gpg --export root@localhost > pubkey.gpg

# --------------------------------------------- POUZITI:
martin@martin:~/gpgtest$ cat skript.sh
#!/bin/bash

echo "Hello, world!"
martin@martin:~/gpgtest$
martin@martin:~/gpgtest$ gpg -a --output skript.sh.sig --detach-sig skript.sh
martin@martin:~/gpgtest$
martin@martin:~/gpgtest$ gpg --no-default-keyring --keyring ./pubkey.gpg --verify skript.sh.sig 2>/dev/null && ./skript.sh || echo "spatny podpis"
spatny podpis
martin@martin:~/gpgtest$ vim skript.sh
martin@martin:~/gpgtest$
martin@martin:~/gpgtest$ cat skript.sh
#!/bin/bash

echo "Hello, World!"
martin@martin:~/gpgtest$ gpg --no-default-keyring --keyring ./pubkey.gpg --verify skript.sh.gpg 2>/dev/null && ./skript.sh || echo "spatny podpis"
spatny podpis
martin@martin:~/gpgtest$
	martin@martin:~/gpgtest$ cat parametry_klice.txt
	Key-Type: RSA
	Key-Length: 4096
	Subkey-Type: 1
	Subkey-Length: 4096
	Name-Real: Podepisovani SSH
	Name-Email: root@localhost
	Expire-Date: 0
	martin@martin:~/gpgtest$ $
	martin@martin:~/gpgtest$ gpg --batch --gen-key parametry_klice.txt

	martin@martin:~$ gpg --list-secret-keys --keyid-format LONG
	/home/martin/.gnupg/secring.gpg
	-------------------------------
	sec 4096R/8CBF8BDC24670CE3 2018-02-07
	uid Podepisovani SSH <root@localhost>
	ssb 4096R/8131435CCBAF0A12 2018-02-07

	martin@martin:~$

	martin@martin:~/gpgtest$ gpg -a --export-secret-key root@localhost > zaloha_soukromeho_klice.txt

	# klic nesmi bit v ascii formatu, ale musi byt vyexportovany v binarnim formatu, jinak nejde pouzit jako klicenka bez importu
	martin@martin:~/gpgtest$ gpg --export root@localhost > pubkey.gpg

	# --------------------------------------------- POUZITI:
	martin@martin:~/gpgtest$ cat skript.sh
	#!/bin/bash

	echo "Hello, world!"
	martin@martin:~/gpgtest$
	martin@martin:~/gpgtest$ gpg -a --output skript.sh.sig --detach-sig skript.sh
	martin@martin:~/gpgtest$
	martin@martin:~/gpgtest$ gpg --no-default-keyring --keyring ./pubkey.gpg --verify skript.sh.sig 2>/dev/null && ./skript.sh \|\| echo "spatny podpis"
	spatny podpis
	martin@martin:~/gpgtest$ vim skript.sh
	martin@martin:~/gpgtest$
	martin@martin:~/gpgtest$ cat skript.sh
	#!/bin/bash

	echo "Hello, World!"
	martin@martin:~/gpgtest$ gpg --no-default-keyring --keyring ./pubkey.gpg --verify skript.sh.gpg 2>/dev/null && ./skript.sh \|\| echo "spatny podpis"
	spatny podpis
	martin@martin:~/gpgtest$