File:  [NetBSD Developer Wiki] / wikisrc / developer_key_signing.mdwn
Revision 1.4: download - view: text, annotated - select for diffs
Mon Jan 10 20:14:48 2011 UTC (3 years, 3 months ago) by wiki
Branches: MAIN
CVS tags: HEAD
web commit by cyber

# Developer Key Signing

Developers need to generate, maintain, and sign keys to keep a web of trust.  The following are shortcut commands to accomplish this.

Many of the commands will have various prompts that should be obvious (selecting keys out of a list, entering passphrases, etc).  That verbage has been eliminated from the examples.


* Key Generation
* Extend Expiration
* Key Uploading
* Key Download
* Key Signing
* Signature Upload

## Key Generation 
*TBD*

## Extending Expiration

Your key will eventually expire.  You can extend the key expiration time:

netpgp:
[[!template  id=programlisting text="""
unsupported at this time.
"""]]

gpg:
[[!template  id=programlisting text="""
# gpg --edit-key C631C69E
Command> expire
Key is valid for? (0) 5y
"""]]

You will need to re-upload to the key-server.

## Key Uploading

gpg:
[[!template  id=programlisting text="""
# gpg --keyserver pgp.mit.edu --send-keys C631C69E
"""]]


## Key Download

If you have the fingerprint, it's pretty easy to download the key.  This will import into your keychain.

netpgp: (Only if already downloaded from keyserver.)
[[!template  id=programlisting text="""
# netpgpkeys --import-key  file
"""]]

gpg:
[[!template  id=programlisting text="""
# gpg --keyserver pgp.mit.edu --search-keys C631C69E
"""]]



## Key Signing

gpg:
[[!template  id=programlisting text="""
# gpg --default-key cyber@netbsd.org --sign-key C631C69E
"""]]


## Signature Upload
*TBD*

CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb