Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/tbrowder/config-scripts

A collection of configuration scripts for my web server stack: Apache, OpenSSL, Cyrus SASL, Postfix, PostgreSql, etc.
https://github.com/tbrowder/config-scripts

Last synced: about 1 month ago
JSON representation

A collection of configuration scripts for my web server stack: Apache, OpenSSL, Cyrus SASL, Postfix, PostgreSql, etc.

Host: GitHub
URL: https://github.com/tbrowder/config-scripts
Owner: tbrowder
License: artistic-2.0
Created: 2016-03-07T19:40:29.000Z (almost 9 years ago)
Default Branch: master
Last Pushed: 2024-03-19T23:25:23.000Z (10 months ago)
Last Synced: 2024-12-09T19:50:10.023Z (about 2 months ago)
Language: Shell
Size: 221 KB
Stars: 2
Watchers: 3
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.gpg-usage
- License: LICENSE

Awesome Lists containing this project

README

Given a file and a detached gpg signature, e.g.,

file: bind-9.11.1-P3.tar.gz
sig: bind-9.11.1-P3.tar.gz.sig

Verify the file:

$ gpg --verify bind-9.11.1-P3.tar.gz.sig bind-9.11.1-P3.tar.gz
gpg: Signature made Fri Jul 7 19:49:14 2017 CDT using RSA key ID 5CF02E57
gpg: Can't check signature: public key not found

Install the key if not already installed:
----------------------------------------

$ gpg --import key.file

Reverify:
--------

$ gpg2 --verify bind-9.11.1-P3.tar.gz.sig bind-9.11.1-P3.tar.gz
gpg: Signature made Fri Jul 7 19:49:14 2017 CDT using RSA key ID 5CF02E57
gpg: Good signature from "Internet Systems Consortium, Inc. (Signing key, 2017-2018) " [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: BE0E 9748 B718 253A 28BB 89FF F1B1 1BF0 5CF0 2E57

Trustedness:
-----------

$ gpg2 --edit-key 5CF02E57
gpg (GnuPG) 2.0.26; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

pub 4096R/5CF02E57 created: 2016-10-05 expires: 2019-02-01 usage: SC
trust: unknown validity: unknown
sub 4096R/9ACCCB00 created: 2016-10-05 expires: 2019-02-01 usage: E
[ unknown] (1). Internet Systems Consortium, Inc. (Signing key, 2017-2018)

gpg> trust
pub 4096R/5CF02E57 created: 2016-10-05 expires: 2019-02-01 usage: SC
trust: unknown validity: unknown
sub 4096R/9ACCCB00 created: 2016-10-05 expires: 2019-02-01 usage: E
[ unknown] (1). Internet Systems Consortium, Inc. (Signing key, 2017-2018)

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu

Your decision? 1

pub 4096R/5CF02E57 created: 2016-10-05 expires: 2019-02-01 usage: SC
trust: undefined validity: unknown
sub 4096R/9ACCCB00 created: 2016-10-05 expires: 2019-02-01 usage: E
[ unknown] (1). Internet Systems Consortium, Inc. (Signing key, 2017-2018)
Please note that the shown key validity is not necessarily correct
unless you restart the program.

gpg> q
$