Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2025-03-22 22:46:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

VerifyingSignatures changed

Browse Source 
git tag verify
This commit is contained in:
Marek Marczykowski-Górecki 2011-03-07 10:07:10 +00:00
parent b49b1961ac
commit 427b33c3ad
1 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
VerifyingSignatures.md
View File

@ -70,3 +70,33 @@ You can also download all the currently used developer's keys (and also a copy o
[http://qubes-os.org/keys/](http://qubes-os.org/keys/)
The developer keys are set to be valid for 1 year only, while the Qubes Master Singing Key has no expiration date. This key has been generated and is kept only within a special 'vault' machine that has no networking, and the private portion (hopefully) is never to leave this isolated machine.
Verifying Qubes code
--------------------
To verify signed git tag, you can use:
``` {.wiki}
$ git tag -v <tag name>
```
You can also set git alias to automatically pull latest tag and verify its signature:
``` {.wiki}
$ git config --global alias.vpull '!f() { tag=`git ls-remote $@ |tail -2 |head -1 |cut -d/ -f 3-`; git pull $@ tag $tag; git tag -v $tag; }; f'
```
then use:
``` {.wiki}
$ git vpull git://git.qubes-os.org/mainstream/core.git
Already up-to-date.
object 80826329a71c693fcd08544458b9d6219ca5b28c
type commit
tag v1.3.16-dom0
tagger Joanna Rutkowska <joanna@invisiblethingslab.com> 1290384222 +0100
v1.3.16-dom0
gpg: Signature made Mon 22 Nov 2010 01:03:50 CET using RSA key ID C37BB66B
gpg: Good signature from "Joanna Rutkowska (Qubes OS signing key) <joanna@invisiblethingslab.com>"
```