ReleaseSigning

HomePage | RecentChanges | Preferences

References

Useful Commands

  $ gpg --gen-key
    (accept the defaults)

  $ gpg --output revoke.asc --gen-revoke mykey

  $ (gpg --fingerprint --list-sigs <your name> && gpg --armor --export <your name>) >> filename

  $ wget http://www.apache.org/dist/struts/KEYS
  $ gpg --import KEYS
  $ gpg --verify struts-shale-1.0.0.zip.asc struts-shale-1.0.0.zip

  $ gpg --homedir /cygdrive/e/wsmoak/.gnupg
       or
  $ export GNUPGHOME=/cygdrive/e/wsmoak/.gnupg

  $ gpg --armor --output foo.tar.gz.asc --detach-sig foo.tar.gz 

Note: Signing artifacts and distributions can be done with the Maven GPG Plugin

Public Key Servers

  $ gpg --armor --export yourid@apache.org

HomePage | RecentChanges | Preferences
This page is read-only | View other revisions
Last edited March 15, 2008 9:35 am by WendySmoak (diff)
Search: