Note

The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.

Difference between revisions of "Talk:GPG Signatures"

From Funtoo
Jump to navigation Jump to search
 
Line 29: Line 29:


gpg --keyserver pgp.mit.edu --recv-key E986E8EE
gpg --keyserver pgp.mit.edu --recv-key E986E8EE
== HKP Protocol and keyservers ==
I have never bothered to change my firewall to let these gpg calls through, but I don't need to because you can use the hkp://:80 protocol to get the data through port 80. This is useful if you can't change your firewall settings.
You don't need to include the whole key in the first command, just the last 8 digits. Useful if you are not ssh'd in.
I often have problems getting keyservers to respond, so the most reliable I have found is keyserver.ubuntu.com. Suggest adding a note in case anyone is stuck.

Latest revision as of 09:56, June 13, 2023

Please note & edit the user type used for gpg admin tasks such as adding / updating keys etc. The user should be a regular user and does not require root privileges.

The changes should be made to the 3 sections I outlined below. They appear in the 3 colour shaded panels on the documentation page.

Thank you ~SJR~


root # gpg --recv-key E986E8EE root # gpg --edit-key E986E8EE gpg> trust Your decision? 5 Do you really want to set this key to ultimate trust? (y/N) y gpg> quit



root # gpg --recv-key 11FD00FD 683A2F8A BEA87CD2 EEE54A43 62DD6D47 6B365A89




root # gpg --verify stage3-latest.tar.xz.gpg stage3-latest.tar.xz



=

2021-12-01: When testing this from an instantlled funtoo system, I had to add a --keyserver flag to the recv-key command:

gpg --keyserver pgp.mit.edu --recv-key E986E8EE

HKP Protocol and keyservers

I have never bothered to change my firewall to let these gpg calls through, but I don't need to because you can use the hkp://:80 protocol to get the data through port 80. This is useful if you can't change your firewall settings.

You don't need to include the whole key in the first command, just the last 8 digits. Useful if you are not ssh'd in.

I often have problems getting keyservers to respond, so the most reliable I have found is keyserver.ubuntu.com. Suggest adding a note in case anyone is stuck.