GPG verification docs (#4381)

* GPG verification docs

* update URL
release/v1.15
techknowlogick 2018-07-05 21:36:55 -04:00 committed by Lunny Xiao
parent f1d6a1fffc
commit 61b40520ba
1 changed files with 9 additions and 1 deletions

View File

@ -21,10 +21,18 @@ the destination platform from the [downloads page](https://dl.gitea.io/gitea), c
the URL and replace the URL within the commands below: the URL and replace the URL within the commands below:
```sh ```sh
wget -O gitea https://dl.gitea.io/gitea/1.4.2/gitea-1.4.2-linux-amd64 wget -O gitea https://dl.gitea.io/gitea/1.4.3/gitea-1.4.3-linux-amd64
chmod +x gitea chmod +x gitea
``` ```
## Verify GPG signature
Gitea signs all binaries with a [GPG key](https://pgp.mit.edu/pks/lookup?op=vindex&fingerprint=on&search=0x2D9AE806EC1592E2) to prevent against unwanted modification of binaries. To validate the binary download the signature file which ends in `.asc` for the binary you downloaded and use the gpg command line tool.
```sh
gpg --keyserver pgp.mit.edu --recv 0x2D9AE806EC1592E2
gpg --verify gitea-1.5.0-linux-amd64.asc gitea-1.5.0-linux-amd64
```
## Test ## Test
After getting a binary, it can be tested with `./gitea web` or moved to a permanent After getting a binary, it can be tested with `./gitea web` or moved to a permanent