confdroid/confdroid-package-management
3
0
Fork 0
Code Activity
4 Commits 1 Branch 0 Tags
master
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
12ww1160 98465280f7 OP#254 fix Readme
2025-12-12 16:42:42 +01:00
keys
OP#254 initial commit with key
2025-12-12 14:05:57 +01:00
.gitignore
OP#254 initial commit with key
2025-12-12 14:05:57 +01:00
LICENSE
OP#254 add Readme and license
2025-12-12 16:38:37 +01:00
README.md
OP#254 fix Readme
2025-12-12 16:42:42 +01:00

README.md

Readme

This repository hosts the public GPG key used for signing RPM packages provided by Confdroid Package Management. The key is made available for users to import and verify the authenticity and integrity of our distributed RPMs.

Purpose

  • Public GPG Key Distribution: The primary file here is RPM-GPG-KEY-public.asc, which you can import to trust and verify RPM packages from our forge or repository.
  • This repo is public to allow easy access to the key via a direct URL. For the actual RPM packages, refer to project repository in question.

How to Import the GPG Key

To verify our RPM packages, import this public key on your system. Use the direct raw URL for the key file.

Via Command Line (Recommended for RPM-based systems like Fedora, RHEL, CentOS)

  1. Import the key:
  sudo rpm --import https://gitea.confdroid.com/confdroid/confdroid-package-management/src/branch/master/keys/RPM-GPG-KEY-public.asc
  1. Verify an RPM package after download:
  rpm --checksig path/to/your-package.rpm

It should report "OK" if the signature matches.

Via GPG (For manual verification or non-RPM systems)

  1. Download the key:
   curl -O https://gitea.confdroid.com/confdroid/confdroid-package-management/src/branch/master/keys/RPM-GPG-KEY-public.asc
  1. To fetch from a keyserver (if published):
   gpg --keyserver keys.openpgp.org --recv-keys 3. To fetch from a keyserver (if published):
View Git Blame Copy Permalink
Description
Keys and stuff
Readme 37 KiB
Languages
Public Key 100%