Developer Key Signing
Developers need to generate, maintain, and sign keys to keep a web of trust. The following are shortcut commands to accomplish this.
Many of the commands will have various prompts that should be obvious (selecting keys out of a list, entering passphrases, etc). That verbage has been eliminated from the examples.
- Key Generation
- Extend Expiration
- Key Uploading
- Key Download
- Key Signing
- Signature Upload
Your key will eventually expire. You can extend the key expiration time:
unsupported at this time.
# gpg --edit-key C631C69E Command> expire Key is valid for? (0) 5y
You will need to re-upload to the key-server.
# gpg --keyserver pgp.mit.edu --send-keys C631C69E
If you have the fingerprint, it's pretty easy to download the key. This will import into your keychain.
netpgp: (Only if already downloaded from keyserver.)
# netpgpkeys --import-key file
# gpg --keyserver pgp.mit.edu --search-keys C631C69E
# gpg --default-key email@example.com --sign-key C631C69E
# gpg --keyserver pgp.mit.edu --send-keys E361D0FA