From 6bbe933bbf01596c214c5349a21bfc5587b66df0 Mon Sep 17 00:00:00 2001 From: Eric F Crist Date: Wed, 27 Jun 2012 08:26:50 -0500 Subject: [PATCH] adding README with instructions for signing/verifying packages Signed-off-by: Eric F Crist --- README | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 README diff --git a/README b/README new file mode 100644 index 0000000..6bf3175 --- /dev/null +++ b/README @@ -0,0 +1,13 @@ +SIGNING: + $ gpg -a -b [file] + +VERIFY SIGNATURE: +We sign easy-rsa packages with a GPG private key. The public key is available +in the git repository (PUBLIC_KEY) as well as on various GPG/PGP public key +servers around the net. + +To verify the package signature download and import our public key into GPG: + $ gpg --import pubkey.txt +Then download and verify the signature: + $ gpg -v --verify [file].asc +Note that the [file].asc and tarball need to be in the same directory.