Template:Build Documentation OpenPGP Verify the Source Code

From Kicksecure
Jump to navigation Jump to search

OpenPGP Verify the Source Code

This chapter is recommended for better security, but is not strictly required.[1]

Retrieve a list of available git tags.

Click = Copy Copied to clipboard! git --no-pager tag

Verify the tag you want to build. Replace it with the tag chosen to build.

Click = Copy Copied to clipboard! git tag -v {{{version}}}

The output should look similar to this.

object 1844108109a5f2f8bddcf2257b9f3675be5cfb22
type commit
tag {{{version}}}
tagger Patrick Schleizer <adrelanos@whonix.org> 1392320095 +0000

.
gpg: Signature made Thu 13 Feb 2014 07:34:55 PM UTC using RSA key ID 77BB3C48
gpg: Good signature from "Patrick Schleizer <adrelanos@whonix.org>" [ultimate]

The warning.

gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.

Is explained on the Kicksecure Signing Key page and can be safely ignored.

  1. See Trust.