diff options
author | Konstantin Ryabitsev <konstantin@linuxfoundation.org> | 2022-11-16 12:58:35 -0500 |
---|---|---|
committer | Konstantin Ryabitsev <konstantin@linuxfoundation.org> | 2022-11-16 12:58:35 -0500 |
commit | ecbaa54e9fb03d548e30d3f23dc6441edaeeff5a (patch) | |
tree | 785771ac9b7184ab391b241c144687a250593fb3 | |
parent | 6444b5f279221f258de823b865cfaf16ca4e41f0 (diff) | |
download | korg-ecbaa54e9fb03d548e30d3f23dc6441edaeeff5a.tar.gz |
Tweak PGP instructions a bit
- remove the use of gpg2 command (just gpg now)
- add link to the Maintainer PGP Guide
- tweak wording in a couple of places
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
-rw-r--r-- | source/accounts.rst | 18 | ||||
-rw-r--r-- | source/mail.rst | 8 |
2 files changed, 17 insertions, 9 deletions
diff --git a/source/accounts.rst b/source/accounts.rst index 81e87d1..4606d74 100644 --- a/source/accounts.rst +++ b/source/accounts.rst @@ -30,13 +30,21 @@ web of trust, your account will be issued without delay. .. _`MAINTAINERS`: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/MAINTAINERS +Creating a PGP key +~~~~~~~~~~~~~~~~~~ +If you do not already have a PGP key, or if you already have one but +aren't comfortable with using GnuPG tools, you can read the **Kernel +Maintainer PGP guide**: + +* https://docs.kernel.org/process/maintainer-pgp-guide.html + Exporting your public key ------------------------- We no longer rely on keyservers for signature information, so please attach a copy of your public key to the request. You can generate it using the following command:: - gpg2 -a --export --export-options export-clean [YOURKEYID] > export.asc + gpg -a --export --export-options export-clean [YOURKEYID] > export.asc PGP Web of Trust ---------------- @@ -85,14 +93,14 @@ Procedure for the signee 3. During the conference, establish your identity with the signers. 4. When everyone is ready, read your public key fingerprint out loud (you can display it using ``gpg --fingerprint [your@address]``). -5. Make sure everyone has verified the fingerprint. +5. Make sure everyone has verified your key fingerprint. 6. Finish the call. -7. Wait for the signed key to be send to you. +7. Wait to receive your signed key from all signers. 8. Import the signatures into your keyring using ``gpg --import export.asc``. -9. Once you have received all the signatures, export the public key +9. Once you have received all the signatures, re-export your public key using ``gpg --export -a -o signed.asc [your@address]``. -10. Submit the exported key with your account request. +10. Submit ``signed.asc`` with your account request. Procedure for the signers ~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/source/mail.rst b/source/mail.rst index 4ec6548..2526301 100644 --- a/source/mail.rst +++ b/source/mail.rst @@ -52,12 +52,11 @@ If you are sending PGP-signed mail using your username@kernel.org email address, you should add that UID to the public key (should be the same key you used to apply for your kernel.org account):: - gpg2 --quick-add-uid [keyid] 'Firstname Lastname <username@kernel.org>' - gpg2 --send-keys [keyid] + gpg --quick-add-uid [keyid] 'Firstname Lastname <username@kernel.org>' To find out your keyid, you can run:: - gpg2 --list-secret-keys + gpg --list-secret-keys Your keyid (either the full fingerprint, or the last 16 characters) should be listed right under the sec line. @@ -75,7 +74,7 @@ will be automatically marked as trusted. To check which key we have in the WKD, you can run the following command:: - GNUPGHOME=$(mktemp -d) gpg2 --auto-key-locate wkd --locate-keys [username]@kernel.org + GNUPGHOME=$(mktemp -d) gpg --auto-key-locate wkd --locate-keys [username]@kernel.org The output should display which key ID was retrieved from the WKD. If instead you see an error message like this:: @@ -93,6 +92,7 @@ helpdesk@kernel.org. Changing your forwarding address -------------------------------- + If you have a kernel.org ssh account ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |