Last active
November 8, 2015 17:31
-
-
Save vancluever/6f4f59bb67ed1d056985 to your computer and use it in GitHub Desktop.
GPG key stuff and trust
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GPG requires signature verification for a number of reasons. | |
| # These all require you to have the public key of the signatory, | |
| # which are generally distributed a couple of ways: | |
| # * Via the web (ie: public key block directly on a web page) | |
| # * Thru GPG's public keyserver | |
| # | |
| # The following page has some info on public keyservers: | |
| # https://en.wikipedia.org/wiki/Key_server_(cryptographic) | |
| # | |
| # So this basically leaves you with two ways to import a GPG | |
| # key. | |
| # | |
| # * Import the public key from command line: | |
| # (Assuming you have pasted the key in the file) | |
| gpg --import KEY.asc | |
| # You can also get the key from a public keyserver, via the | |
| # following method: | |
| gpg --search-keys TERM | |
| # Which will give you various results and can be used to | |
| # import the keys that were found. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment