added: gpg --with-fingerprint key.asc -- to print the fingerprint without importing the key
parent
7f1fcc4e84
commit
ab5a675237
2
FAQ.md
2
FAQ.md
@ -104,7 +104,7 @@ Here is the workflow you should use for verifying commits or tags:
|
||||
2. Verify the keys. Here are our fingerprints:
|
||||
[@elrido](https://github.com/elrido/): `1C2A 890A F113 5CEC 3681 666A 0F5C 940A 6BD8 1F92`
|
||||
[@rugk](https://github.com/rugk): `ABA9 B8F6 F448 B07F D7EA 4A1A 05D4 0A63 6AFA B34D`
|
||||
You can use `gpg --list-public-keys --fingerprint` to view the fingerprints of all public keys.
|
||||
You can use `gpg --list-public-keys --fingerprint` to view the fingerprints of all public keys or `gpg --with-fingerprint <keyfile.asc>` to print the fingerprint before you actually import the key.
|
||||
3. Import the keys [and adjust the trust level](https://www.gnupg.org/gph/en/manual/x334.html). We recommend that you sign the keys with your own or set the trust level to the highest one (not recommend).
|
||||
**Note:** If you only update PrivateBin manually and do not automate the setup you can skip this step.
|
||||
3. Now you can use [`git verify-commit HEAD`](https://git-scm.com/docs/git-verify-commit) to verify the latest commit or you can use [`git verify-tag <tag here>`](https://git-scm.com/docs/git-verify-tag) to verify a specific tag.
|
||||
|
Loading…
Reference in New Issue
Block a user