[[meta title="Monkeysphere archive signing key"]]
-[[!template id="nav"]]
+[[toc ]]
## Verifying the key ##
The [Monkeysphere apt repository](/download) is signed by this key, so
-you can verify that the packages come from the right place and have
-not been tampered with.
+you [can verify](http://wiki.debian.org/SecureApt) that the packages
+come from the right place and have not been tampered with.
This key is certified by several of the Monkeysphere developers, and
should be able to be found from the public keyservers with:
- gpg --keyserver $KEYSERVER --recv EB8AF314
+ $ gpg --recv-key EB8AF314
+ gpg: requesting key EB8AF314 from hkp server pool.sks-keyservers.net
+ gpg: key EB8AF314: public key "Monkeysphere Archive Signing Key (http://archive.monkeysphere.info/debian)" imported
+ gpg: no ultimately trusted keys found
+ gpg: Total number processed: 1
+ gpg: imported: 1 (RSA: 1)
+ $
You should be able to verify the fingerprint like this:
- [0 dkg@squeak ~]$ gpg --list-key --fingerprint http://archive.monkeysphere.info/debian
+ $ gpg --list-key --fingerprint http://archive.monkeysphere.info/debian
pub 4096R/EB8AF314 2008-09-02 [expires: 2009-09-02]
Key fingerprint = 2E8D D26C 53F1 197D DF40 3E61 18E6 67F1 EB8A F314
uid [ full ] Monkeysphere Archive Signing Key (http://archive.monkeysphere.info/debian)
-
- [0 dkg@squeak ~]$
+ $
-And you can verify the fingerprints with:
+And you can also verify the fingerprints with:
- gpg --list-sigs http://archive.monkeysphere.info/debian
+ $ gpg --list-sigs http://archive.monkeysphere.info/debian
If you believe that the repository has been tampered with, please [let
us know](/community)!
+If you have properly verified this key, you can add it to your apt
+keyring for proper cryptographic verification of the archive and its
+packages by doing the following:
+
+ $ sudo gpg -a --export EB8AF314 | apt-key add -
+ OK
+ $ aptitude update
+ ...
+
## The key itself ##
<pre>
S31RCBx16I7tJya0fwJJRC7qZWf7hrPdi7eqcecqyr26X5upV+Irjv5qYu/6HAGb
59W6n+8KTfMxEMaBQI6qZXxhaBr3HzEaSrz7jtkl+xxym2TGkbarXcm7e7MP66Hu
GD5UCC3svhAAxKXf4K/8v7WhwBpekF9mXtgpq72Du2JG9q+OAWhxzZXbZku+RY7T
-a83wKc1TaPvzK2WZlhNGjcCYSUXcfQOSn5noVTUukW3DNEKP5BmwkvVd
-=Xex0
+a83wKc1TaPvzK2WZlhNGjcCYSUXcfQOSn5noVTUukW3DNEKP5BmwkvVdiEYEEBEC
+AAYFAki9wXQACgkQ9n4qXRzy1ioXYwCgmzCV+o+Ai0gNx0pt9shofcjfJoAAoInV
+mhn36lBeDh/E6cigrUlkdDGWiQIcBBABAgAGBQJIvdcSAAoJEO00zqvie6q8sB4Q
+AKDLTKqtiONf4FkMCZFcMxQyiALcy76zTW9L2oK90zKRhKSt5RPnVmDVyiinBcRJ
+h0lEkpxoqSrs+0XvASWC3RzWLEbW6XXsuHO1RXFsC3FNbe0HkHenirenFkitPMDX
+Q5gHmCJ6yiq2ssuzXAG9vZ4HjkUINBgkeMASiTRC7o0we7jFSRzOTCs4WWdsavrx
+7bhCadeC35ISldTSo6nOP3laPctPcLD83cJszzQyHr/LjF6KYr6n85NAwIt/oxHh
+EUxmezx+lMwWHdr9TQzXzU8cxLSBZ+c+PuZ/NuHz9fOv87eaFDNEqKli9zhzh4eA
+EMeiWKQXHYlmEUUWnZoea46jdjBrvHphogqlCjzMDHtg/pWOsYrGeXjjZ352SGN4
+vyinkdxwUppGQATz55WyiWIzCY1Kt7lqaQHfAM1NgVdoCQ0stlulIO4LVepHRiAY
+HO4EPeQO6pVGGHWCzJyEcMcaBsYGpr9DndSNd66O+Gyeq8QobKnvTH25kwVt/8t1
+9nS+7NLwBrqXCISeDrOQYq5XeCdvpAuJy4CEN5muQWRdUPekE2dh7qcVUdROepq0
+1wMemkmgTLlA0Md7ZdZqsllKhVQ7/HOFzshEaj/VcFrQshuIAjDZFN/OrGLX/NcL
+tcaBmD9lZSQ3CyxnBUTeMdJCOLOK050jNvsEsM89FL+g
+=bJWl
-----END PGP PUBLIC KEY BLOCK-----
</pre>
In the event of a new archive maintainer, the entire archive will be
rebuilt from signed tags in [the monkeysphere git
-repository](/community), rather than trying to piece together
+repository](/community), rather than trying to re-verify the entire
+old archive.
+
+## Maintaining the archive ##
+
+To create a new archive including a single monkeysphere package from
+tag `$TAG` on architecture `$ARCH`, do:
+
+ git clone git://git.monkeysphere.info/monkeysphere
+ cd monkeysphere
+ git tag -v "$TAG"
+ git checkout "$TAG"
+ debuild -uc -us
+ cd repo
+ reprepro -C monkeysphere include experimental "../$TAG_$ARCH.changes"
+
+When you get a binary package built from a separate architecture
+`$NEWARCH` that you want to include with the archive, do:
+
+ cd repo
+ reprepro -C monkeysphere includedeb experimental "../$TAG_$NEWARCH.deb"
+
+To publish the archive, make sure you have access to
+`archivemaster@george.riseup.net`, and then do:
+
+ cd repo
+ ./publish
projects / monkeysphere.git / blobdiff