Template:Build Documentation OpenPGP Verify the Source Code

From Kicksecure
Revision as of 20:25, 1 October 2023 by Patrick (talk | contribs) (Text replacement - "{{project_name_long}}" to "{{project_name_short}}")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

OpenPGP Verify the Source Code

This chapter is recommended for better security, but is not strictly required.[1]

Retrieve a list of available git tags.

Click = Copy Copied to clipboard! git --no-pager tag

Verify the tag you want to build. Replace it with the tag chosen to build.

Click = Copy Copied to clipboard! git tag -v {{{version}}}

The output should look similar to this.

object 1844108109a5f2f8bddcf2257b9f3675be5cfb22
type commit
tag {{{version}}}
tagger Patrick Schleizer <adrelanos@whonix.org> 1392320095 +0000

.
gpg: Signature made Thu 13 Feb 2014 07:34:55 PM UTC using RSA key ID 77BB3C48
gpg: Good signature from "Patrick Schleizer <adrelanos@whonix.org>" [ultimate]

The warning.

gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.

Is explained on the Kicksecure Signing Key page and can be safely ignored.

  1. See Trust.