Import my signing key. This can be done by requesting the fingerprint from the default GPG keyservers:
gpg2 --recv F34B56F298E94AA8760599D76ACD58D6ADACFC6E
Now, verify the file:
gpg2 --verify file-name.here # if the file was clear signed
gpg2 --verify file-name.here.sig file-name.here # if the file has a detached signature
You should see something like:
gpg: Signature made Wed 03 Apr 2019 01:07:13 PM CDT
gpg: using RSA key F34B56F298E94AA8760599D76ACD58D6ADACFC6E
gpg: Good signature from "Garrett Mills (glmdev signing authority) <email@example.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: F34B 56F2 98E9 4AA8 7605 99D7 6ACD 58D6 ADAC FC6E
I'm a big fan of the distributed nature of GPG, and I want to build a web of trust and help others do so as well.
If you live near Kansas City or Lawrence, Kansas and want someone to sign your GPG key, get in touch with me here.
I'm also looking for people who are members of the original PGP web of trust (circa 1990-2010) to sign my key. If you
live near enough to do an in-person verification and key signing, please reach out!
My public key is available on the main GPG keyservers with the fingerprint:
F34B 56F2 98E9 4AA8 7605 99D7 6ACD 58D6 ADAC FC6E
It is also hosted as a file on my server here:
My key is for my personal use only for files, communication, code signing, and signing other keys. It should have this info:
gpg: data source: https://220.127.116.11:443
(1) Garrett Mills (glmdev signing authority) <firstname.lastname@example.org>
2048 bit RSA key 6ACD58D6ADACFC6E, created: 2019-04-03
If necessary, both my public GPG signing key and public SSH authentication keys are available directly: