https://k2.ixota.com/index.php?action=history&feed=atom&title=GPG
GPG - Revision history
2026-06-26T14:40:31Z
Revision history for this page on the wiki
MediaWiki 1.33.1
https://k2.ixota.com/index.php?title=GPG&diff=6282&oldid=prev
Kenneth: /* GPG */
2023-06-10T05:06:52Z
<p><span dir="auto"><span class="autocomment">GPG</span></span></p>
<p><b>New page</b></p><div>== GPG ==<br />
<br />
gpg2 --keyserver https://pgp.mit.edu/ --search-keys <sender_name_or_address><br />
<br />
gpg --import <your-file>.gpg<br />
<br />
gpg --receive-keys A9C5DF4D22E99998D9875A5110C01C5A2F6059E7<br />
<br />
gpg --verify apache-tomcat-9.0.16-windows-x64.zip.asc<br />
<br />
ref: [https://stackoverflow.com/questions/25074877/cant-check-signature-public-key-not-found]<br />
<br />
== Show Keys ==<br />
<br />
List public keys:<br />
gpg --list-public-keys<br />
gpg --list-keys<br />
gpg -k<br />
<br />
List secret keys:<br />
gpg --list-secret-keys<br />
gpg -K<br />
<br />
== GitHub GPG ==<br />
<br />
Generating a new GPG key - GitHub Docs<br />
https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key<br />
<br />
=== Generate GpG Key ===<br />
<br />
gpg --full-generate-key<br />
<br />
=== List Keys ===<br />
<br />
gpg --list-secret-keys --keyid-format=long<br />
<br />
=== Export Key ===<br />
<br />
gpg --armor --export [long_key]<br />
<br />
=== Sign Commit ===<br />
<br />
Manually:<br />
git commit -S -m "YOUR_COMMIT_MESSAGE"<br />
<br />
Automatic for current local repository<br />
git config commit.gpgsign true<br />
<br />
Automatic for all repositories:<br />
git config --global commit.gpgsign true<br />
<br />
<br />
ref: [https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits]<br />
<br />
=== Show Log Signatures ===<br />
<br />
git log --show-signature<br />
<br />
Example:<br />
<pre><br />
commit dceb035ce7a3de3dc49e62ce61061efd86XXXXXX (HEAD -> ci)<br />
gpg: Signature made Fri 09 Jun 2023 05:12:54 PM PDT<br />
gpg: using RSA key 6827A8ADAF633B8B03286E15C4D210675xxxxxxx<br />
gpg: issuer "name@example.com"<br />
gpg: Good signature from "Name <name@example.com>" [ultimate]<br />
Author: Name <name@example.com><br />
</pre><br />
<br />
== Share Key ==<br />
<br />
gpg --keyserver certserver.pgp.com --send-key blake@cyb.org<br />
<br />
ref: [https://www.gnupg.org/gph/en/manual/x457.html#:~:text=One%20or%20more%20keys%20may,command%2Dline%20option%20%2D%2Dkeyserver.]<br />
<br />
== Unknown Trust ==<br />
<br />
ultimate vs unknown<br />
<br />
You can edit your trust of a key:<br />
<br />
gpg --edit-key user@useremail.com<br />
edit<br />
# (trust level 1-5)<br />
quit<br />
<br />
<pre><br />
gpg --edit-key user@useremail.com<br />
<br />
gpg> trust<br />
<br />
Please decide how far you trust this user to correctly verify other users' keys<br />
(by looking at passports, checking fingerprints from different sources, etc.)<br />
<br />
1 = I don't know or won't say<br />
2 = I do NOT trust<br />
3 = I trust marginally<br />
4 = I trust fully<br />
5 = I trust ultimately<br />
m = back to the main menu<br />
<br />
Your decision? 5<br />
</pre><br />
<br />
ref: [https://unix.stackexchange.com/questions/407062/gpg-list-keys-command-outputs-uid-unknown-after-importing-private-key-onto]<br />
<br />
== keywords ==</div>
Kenneth