mirror of
https://github.com/octoleo/restic.git
synced 2024-12-23 03:18:55 +00:00
Add PGP fingerprint to 020_installation.rst
I like the idea of verifying the integrity of applications, I download from the internet. So I was very happy to see that restic does provide SHA256-checksums which are signed with the maintainers PGP key. The only thing I miss: I could not find a direct way to download the used PGP key and verify the keys fingerprint. Doing some searches, I found: * https://github.com/restic/rest-server/issues/121 * https://restic.net/blog/2015-09-16/verifying-code-archive-integrity/ To help other restic users, I think you should add information about your PGP key/fingerprint to this installation doc, too. To save you some precious time, I created a draft, how this doc might be expanded, in this pull-request. You are free to accept it or change the text to your liking. I copied the key/fingerprint text from: ``restic/restic/master/doc/090_participating.rst`` Thank you for your work in restic!
This commit is contained in:
parent
e96677cafb
commit
cd25e36811
@ -188,8 +188,20 @@ are considered stable and releases are made regularly in a controlled manner.
|
|||||||
There's both pre-compiled binaries for different platforms as well as the source
|
There's both pre-compiled binaries for different platforms as well as the source
|
||||||
code available for download. Just download and run the one matching your system.
|
code available for download. Just download and run the one matching your system.
|
||||||
|
|
||||||
The official binaries can be updated in place using the ``restic self-update``
|
On your first installation, if you desire, you can verify the integrity of your
|
||||||
command (needs restic 0.9.3 or later):
|
downloads by testing the SHA-256 checksums listed in ``SHA256SUMS`` and verifying
|
||||||
|
the integrity of the file ``SHA256SUMS`` with the PGP signature in ``SHA256SUMS.asc``.
|
||||||
|
The PGP signature was created using the key (`0x91A6868BD3F7A907 <https://pgp.mit.edu/pks/lookup?op=get&search=0xCF8F18F2844575973F79D4E191A6868BD3F7A907>`__):
|
||||||
|
|
||||||
|
::
|
||||||
|
|
||||||
|
pub 4096R/91A6868BD3F7A907 2014-11-01
|
||||||
|
Key fingerprint = CF8F 18F2 8445 7597 3F79 D4E1 91A6 868B D3F7 A907
|
||||||
|
uid Alexander Neumann <alexander@bumpern.de>
|
||||||
|
sub 4096R/D5FC2ACF4043FDF1 2014-11-01
|
||||||
|
|
||||||
|
Once downloaded, the official binaries can be updated in place using the
|
||||||
|
``restic self-update`` command (needs restic 0.9.3 or later):
|
||||||
|
|
||||||
.. code-block:: console
|
.. code-block:: console
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user