added: gpg --with-fingerprint key.asc -- to print the fingerprint without importing the key

Wikinaut 2016-10-21 19:57:40 +02:00
parent 7f1fcc4e84
commit ab5a675237

FAQ.md

@ -104,7 +104,7 @@ Here is the workflow you should use for verifying commits or tags:
2. Verify the keys. Here are our fingerprints:
[@elrido](https://github.com/elrido/): `1C2A 890A F113 5CEC 3681 666A 0F5C 940A 6BD8 1F92`
[@rugk](https://github.com/rugk): `ABA9 B8F6 F448 B07F D7EA 4A1A 05D4 0A63 6AFA B34D`
You can use `gpg --list-public-keys --fingerprint` to view the fingerprints of all public keys.
You can use `gpg --list-public-keys --fingerprint` to view the fingerprints of all public keys or `gpg --with-fingerprint <keyfile.asc>` to print the fingerprint before you actually import the key.
3. Import the keys [and adjust the trust level](https://www.gnupg.org/gph/en/manual/x334.html). We recommend that you sign the keys with your own or set the trust level to the highest one (not recommend).
**Note:** If you only update PrivateBin manually and do not automate the setup you can skip this step.
3. Now you can use [`git verify-commit HEAD`](https://git-scm.com/docs/git-verify-commit) to verify the latest commit or you can use [`git verify-tag <tag here>`](https://git-scm.com/docs/git-verify-tag) to verify a specific tag.
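
Review bot: The added sentence in step 2 gives `gpg --with-fingerprint <keyfile.asc>` with no command, so it depends on gpg guessing what to do with a bare file argument; GnuPG 2.1 and later print a "no command supplied" warning for this form. Consider naming the command explicitly where the installed version supports it, for example `gpg --show-keys --with-fingerprint <keyfile.asc>`, and stating that the printed fingerprint must match the full value listed above before the reader moves on to the import step. Separately, the unchanged context has two steps numbered `3.` and the typo "(not recommend)", which could be fixed in the same pass.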