Developer Key Signing

Developers need to generate, maintain, and sign keys to keep a web of trust. The following are shortcut commands to accomplish this.

Many of the commands will have various prompts that should be obvious (selecting keys out of a list, entering passphrases, etc). That verbage has been eliminated from the examples.

Key Generation


Extending Expiration

Your key will eventually expire. You can extend the key expiration time:


unsupported at this time.


# gpg --edit-key C631C69E
Command> expire
Key is valid for? (0) 5y

You will need to re-upload to the key-server.

Key Uploading


# gpg --keyserver --send-keys C631C69E

Key Download

If you have the fingerprint, it's pretty easy to download the key. This will import into your keychain.

netpgp: (Only if already downloaded from keyserver.)

# netpgpkeys --import-key  file


# gpg --keyserver --search-keys C631C69E

Key Signing


# gpg --default-key --sign-key C631C69E

Signature Upload


# gpg --keyserver --send-keys E361D0FA
Add a comment
Contact | Disclaimer | Copyright © 1994-2018 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.
NetBSD® is a registered trademark of The NetBSD Foundation, Inc.