Commit Graph

20 Commits

Author SHA1 Message Date
Andrew David Wong
c9290ec01f
Clarify verification steps 2020-11-21 06:30:42 -08:00
Andrew David Wong
447d3dd310
Add "No such file or directory" FAQ 2020-11-21 06:01:52 -08:00
Andrew David Wong
2062b31502
Add Fedora and Debian methods for acquiring the QMSK
Thanks to Andrew Clausen for the suggestion.
2020-11-14 18:25:13 -08:00
Andrew David Wong
fdcaadaeec
Add info about distribution-gpg-keys; clarify section
Thank you to Andrew Clausen for pointing out this package.
2020-11-14 00:16:13 -08:00
Andrew David Wong
371d5471a5
Remove keyserver and search engine ideas 2020-11-12 22:46:59 -08:00
Andrew David Wong
c9ce37b388
Substitute older mailing list post with key attached 2020-11-12 08:55:51 -08:00
Andrew David Wong
03e6dd2bda
Add more supporting links 2020-11-12 08:53:32 -08:00
Andrew David Wong
cc3b1f82a9
Improve instructions regarding QMSK authentication
Inspired by a forum discussion:
https://qubes-os.discourse.group/t/there-is-no-way-to-validate-qubes-master-signing-key/1441
2020-11-12 08:29:09 -08:00
Andrew David Wong
0bd2db6670
Add documentation links and direct users to read them
QubesOS/qubes-issues#6191
2020-11-07 22:59:55 -08:00
Andrew David Wong
b7821598a3
Add prep section for installing PGP verification programs
This is a first step toward improving the instructions for non-Linux
users (QubesOS/qubes-issues#6191, #1076).
2020-11-06 12:29:42 -08:00
Andrew David Wong
60864a532c
Update qubes-users references to /support/
Now that we have a user forum in addition to qubes-users, it makes more
sense to link to /support/ than to link directly to qubes-users (or to
the forum, for that matter). This layer of redirection means allows us
to update just one thing (namely, the /support/ page) instead of having
to hunt through all the documentation every time support information
changes.
2020-08-22 23:18:08 -05:00
Hans Jerry Illikainen
dfd7e5ebe1
Verify the release key with --check-signatures
The original instructions on how to verify the release signing key used
the `--list-sigs` option for gpg.  However, unlike `--check-signatures`,
the `--list-sigs` option does not verify the authenticity of key
signatures.

See gpg2(1):

    --list-signatures
    --list-sigs
        Same as --list-keys, but the signatures are listed too.
        [...]
        Note that in contrast to --check-signatures the key signatures
        are not verified.
        [...]

    --check-signatures
    --check-sigs
        Same  as  --list-keys, but the key signatures are verified and
        listed too.
        [...]

This updates the documentation to use `--check-signatures` instead.
2020-07-03 12:37:48 +00:00
Andrew David Wong
8b6979fd34
Recommend using gpg2 with keyserver options instead of gpg
Closes QubesOS/qubes-issues#5404
2019-10-23 01:05:50 -05:00
Andrew David Wong
f32c81fab1
Recommend gpg rather than gpg2 due to 2.2.17 changes
Closes QubesOS/qubes-issues#5404
2019-10-20 21:38:13 -05:00
Andrew David Wong
9e9087431e
Add section on security updates 2019-08-26 19:39:40 -05:00
Andrew David Wong
90dc5a26c8
Link to section on copying from dom0 2019-08-18 12:59:33 -05:00
Andrew David Wong
a93b019bef
Point out that release keys are included in Qubes installations
QubesOS/qubes-issues#4292
2019-08-18 12:53:10 -05:00
Andrew David Wong
b38990e666
Point out that the QMSK is already in every Qubes domU
QubesOS/qubes-issues#2544
2019-08-18 12:32:44 -05:00
Andrew David Wong
43a39e35b9
Use default doc layout for project security docs 2019-05-26 20:04:23 -05:00
Andrew David Wong
d31c786942
Reorganize files to account for new "External" section
QubesOS/qubes-issues#4693
2019-05-26 19:32:45 -05:00