My public key identification:
1024D/8A42DBE1 2002-11-19 Jiri Denemark <Jiri.Denemark@gmail.com> Jiri Denemark <jirka@ics.muni.cz> Jiri Denemark <jirkade@gmail.com> Jiri Denemark <jdenemar@redhat.com> Key fingerprint = C19B D9A8 AFC9 613A C61A D8B1 C073 42FA 8A42 DBE1
This public key can be used for verifying the digital signature of my software packages. Each package which has been digitaly signed has its signature in the separated file. The name of the signature file consists of the name of the package and the .sig extension.
The digital signature can be verified as follows (using GnuPG):- download PACKAGE and PACKAGE.sig files of the package you want
- get my public key (see bellow)
-
run the following command
$ gpg --verify PACKAGE.sig
-
if the verification succeeds, you should see something like this:
gpg: Signature made Tue Nov 19 13:24:23 2002 CET using DSA key ID 8A42DBE1 gpg: Good signature from "Jiri Denemark <jirka@ics.muni.cz>"
-
get it through your favourite PGP compatible tool (e.g. GnuPG)
$ gpg --keyserver wwwkeys.pgp.net --recv-keys 0x8A42DBE1
- donwload it from e.g. wwwkeys.pgp.net key server
- download the file with my public key: public_key.asc
- copy the following block through the clipboard
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.9 (GNU/Linux) mQGiBD3aKroRBACRFqsHcUEBwR7jk/we/z6uiH1iwWl3c0Vu2nceB9QwRHmfcmiB uBcrTmGM/IQt8QzyAj5i4rBzcf373caHdqZ7+wegSz9EoR8oRkXf25mRqapZ6m7E kznYW6wPHs9ydMpEKqM2qgvh7A7JLI8ujb/UX+sALy4VlfxgM7PbTF27awCgzfU5 klWnpVhiqjrjHF1DwzvYKbED/04fwWmX+zXllW9y7XyXNvtoILgQroZ5Hh/DG1TZ TAvc+jCtJ0J/IijHupH/QfqQx5TzIhaPVzp3RyFl8kGDTsOQTcdi5sFmZu7fW46B AmRtkxvsKLOtSO+hRJzCqeZ/jcfKroTMIO0wGyJ4RKMzbKmDA/NR24dfxx4VlHbh XCp1BACQFonBfW0P51NFUETYphwXM16HA+Z7DO5Yv85IbS9ZjuT+Wj6BaIHhBt3U vxH7cQ7YNf53MgSYwj462TQwBu2ccn3HEppIeUpIf/D+vgJDomUJx+0KNe4u5LZ9 CF3hdprfSSmoCaVZG+SoD8DaLUr2edlidwm6LG2riwZwJ8Mm17QhSmlyaSBEZW5l bWFyayA8amlya2FAaWNzLm11bmkuY3o+iFcEExECABcFAj3aKroFCwcKAwQDFQMC AxYCAQIXgAAKCRDAc0L6ikLb4bppAJ4neAu+wmitpV2PC2qBWEALzmBUVwCePwSU CwysH98ZYQWuMzDH7nTYuTeIRgQQEQIABgUCP6jLzAAKCRDDYifmWkGs71gfAJ0U cw1nh21EvEql/j2yiUEL+jQOvQCeNNgmW8QbxkpN7DJIBbyRAF3QXPK0J0ppcmkg RGVuZW1hcmsgPEppcmkuRGVuZW1hcmtAZ21haWwuY29tPohjBBMRAgAjAhsjBgsJ CAcDAgQVAggDBBYCAwECHgECF4AFAkjzJD0CGQEACgkQwHNC+opC2+GjgQCfa3jW G5nxpAczJ+SdZ2C8+1YKtSEAoLfHCv0YptVawQF45d2GbytMEZRGtCNKaXJpIERl bmVtYXJrIDxqZGVuZW1hckByZWRoYXQuY29tPohgBBMRAgAgBQJI8yPJAhsjBgsJ CAcDAgQVAggDBBYCAwECHgECF4AACgkQwHNC+opC2+FymwCgpBtXQ+KHD6xka2f+ xhXSJgNfM9YAoIMKBKx3FwHRVIqzkDbxGDy7r8x5tCFKaXJpIERlbmVtYXJrIDxq aXJrYWRlQGdtYWlsLmNvbT6IYAQTEQIAIAUCSPMkYQIbIwYLCQgHAwIEFQIIAwQW AgMBAh4BAheAAAoJEMBzQvqKQtvh0coAoJ/emwUeZsLINdaJAvzLAxePu3LlAKCi P+espmdNtlE7lhP9Bgv5DEZ3N7kBDQQ92irHEAQAsXBLP6N8gcCvoDCSoxNTaLG0 A6SPL0iehPDTvYJmcPJuCD4Jss6/HVLorI7UVIPHFQHZKW699yPHGvswDkvDfBDa q5xCsKny3VkyAJY7Xpbf4ns7GkrQiGy5pkjplpGEboZ02c3pRJnvCKJt74b6OhxO cmJJZ4Q33lPSd5Lwpa8ABRED/1JqD2wI0W3JtNfQSgU3Y44DJk/o6S0tgEJo3/Kg JfNqD9HO1eEeDe8JfMcqQflhAOmKvsxUTi0lqpoGSyp7X7pa5P7OPMrwg4UpW23i nrcnQLUHiBqwmwUktIj2z1J9IunkIVlBUXlJ0XeQ4KmLD57RJ1NQBE6m811W4oBm D5DViEYEGBECAAYFAj3aKscACgkQwHNC+opC2+FM1ACgka0bCPBFWS3xItzQbDyh aNbXtboAoK+joNfGVowmartWoNNNNGOoor7E =JkXC -----END PGP PUBLIC KEY BLOCK-----Finally you should verify the fingeprint
$ gpg --fingerprint Jiri.Denemark@gmail.com