Browser: CCBot/1.0 (+http://www.commoncrawl.org/bot.html)

Time: 11:28:21     Date: Sat 21 Nov 2009

Security Page

Download my public GPG key: pmkey.asc

RPM
I use GPG for encryption and signing RPM files.  Download my public key and import it to your RPM database:

         rpm  --import  pmkey.asc

To confirm that a downloaded RPM file has not been tampered with, use the "-K" option on the "rpm" command. For Example:

         rpm  -K  bsu-2.0.0-1.i386.rpm

This will test both the MD5 and the GPG signature.  For this to work, you should add my public key to your gpg key ring.  You can also check the fingerprint for this key (listed at bottom of this page).

DEB I use GPG for encryption and signing DEB files. Download my public key and import it into the GPG keyring:

         gpg  --import  pmkey.asc

To check the *.changes or *.dsc files, you use the "gpg" program with the "verify" option. For example:

         gpg  --verify  bsu_2.0.0-1lenny.dsc

         gpg  --verify  bsu_2.0.0-1lenny_i386.changes

The above commands are used to check the source package. The *.deb packages (both binary and source) are signed with a detached signature. To verify a file with a detached signature, you would give a command like the following example:

         gpg  --verify  bsu_2.0.0-1lenny_i386.deb.asc

This will work if the file bsu_2.0.0-1lenny_i386.deb is in the same directory as the detached signature. The alternative command is to give the *.deb file as an argument on the command line. The general form would be:

         gpg  --verify  bsu_2.0.0-1lenny_i386.deb.asc   bsu_2.0.0-1lenny_i386.deb

where the second argument might also include a pathname to the files location. It also works if they are in the same directory.

How to create a detached signature
The detached signatures are created with GPG by using 3 arguments. Say we wish to sign the file foobar.deb with a detached signature:

         gpg  --sign  --armor   -b   foobar.deb

The result will be a detached signature, foobar.deb.asc. The --armor option creates an ASCII (non-binary) signature file, and the -b option causes the signature to be detached, in a separate file with the *.asc ending.

Encrypting Files and EMAIL
You can also use this public key to encrypt files meant for me to decrypt.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

mQGiBDxZ9GIRBADJ/p9510p5ubYWlhGZgMNJUEcP2rkMoA/jtxFqqaWERjvMKwW4
kbWytJ2VLlIhiFI0vUMtViHpppFz6TfDR+1qvIzBqxobieIuPxotCa1e+KDWpaCI
Rb2+4ny2TlbZ3JBsK9rzMZkIVsUa7aCFbHmtLpBRwf2T97AEm3+lSQFBEwCgiWqC
wc2tKBGeZ6rdmGWkbmUzdN8EAMnoXaW5lo+WhbitR40qQ5YwE0GwXMcD+/QhMjCv
353YPbnPzkhFokQ6dVkk3rTQBV5jg0p0YsjNVaWwQo7oNXLOLLhC2d+/mLPGjPH+
afgKGFmyXkxUuLHmht0JZsuiLfr8oOEBQyHwQC+y1Ccd94nEefTvQE8I8Sqy0kP/
01ezA/9B/+Xy+L4mJvGGJ/cOOV4yzzR8BJ+koYhGVvNEq2I5jy67KhBpSPWxRPb5
dWu31WCnkzk6i9NUAx3QecvXLTR6AZMvw1TL8kGmCsG7vWWNB1Mg2P62AMARxbOl
fPY5Y9tzDFXaNan6axTGMKOto/5RDfp5X9n08bfiUiFK0iVH6bQ2UGF1bCBNaWNo
YWVscyAoSmFudWFyeSAyMDAyKSA8cG1AY2dpc3MuYm9pc2VzdGF0ZS5lZHU+iFcE
ExECABcFAjxZ9GIFCwcKAwQDFQMCAxYCAQIXgAAKCRDdrrznSBLIXCYzAJ9XDNs+
/Ue7F/hFQdsM8Xb3K1EUsACeIbhzpowmmOAWkcW/H77fUg4O6G+5AQ0EPFn0dRAE
AIBVO6W+vPZimewQeBIAaou+81RMGmBcMQ3fUjLdXUQubjOM4LYjS4WP+AtzIvuj
2GXMBkh0eOAiw0Icn9UD5Qv1ogBrRBmSGmP4XLtin6PgGdG9Ak6PQtb2ZKj5kGq3
8fG/OOtFSYHJuD8MPenL3mMQwSMtoFgMqpU3b/1ONVdDAAMFA/0WjVrD0vMw2O1R
4owGbsu9VdS5V3BDwssgVy1V7GZEB1iCJqKPf87wNYaZWQWuCx6SmVQe+XrP67MC
Zbm8Pk8bFFaNa3aOXHfqB+kzXofiKfCNVdqy7jAyZrhN753pZlJYMvq/EnNa5qMm
PrNak+/8XZMA1I76l9//ybQMwuK6gYhGBBgRAgAGBQI8WfR1AAoJEN2uvOdIEshc
sToAni1CjyZvwbsYb0uVSkZuP4dEUAOkAJ9FIBzX2e/16FVW222yNKOl0shLRw==
=zS6T
-----END PGP PUBLIC KEY BLOCK-----

pub  1024D/4812C85C 2002-02-01 Paul Michaels (January 2002) <pm@cgiss.boisestate.edu>
Fingerprint: 71BA 8C44 FC33 832B C576  556E DDAE BCE7 4812 C85C