rayburgemeestre
/
build-config
Слідкувати 1
В обрані 0
Форк 0
Код Проблеми 0 Запити на злиття 0 Релізи 0 Вікі Активність
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
153 Коміти
1 Гілка
Дерево: 10962946b2
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з '10962946b2'
${ noResults }
build-config/apt-publisher/INIT.TXT

218 lines
7.2KB
Неформатований Blame Історія 

  1. root@209899561fe9:/home/trigen/projects/build-config/apt-publisher# gpg --full-generate-key

  2. gpg: WARNING: unsafe permissions on homedir '/root/.gnupg'

  3. gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.

  4. This is free software: you are free to change and redistribute it.

  5. There is NO WARRANTY, to the extent permitted by law.

  6. 

  7. gpg: keybox '/root/.gnupg/pubring.kbx' created

  8. Please select what kind of key you want:

  9.    (1) RSA and RSA (default)

  10.    (2) DSA and Elgamal

  11.    (3) DSA (sign only)

  12.    (4) RSA (sign only)

  13. Your selection? 1

  14. RSA keys may be between 1024 and 4096 bits long.

  15. What keysize do you want? (3072) 4096

  16. Requested keysize is 4096 bits

  17. Please specify how long the key should be valid.

  18.          0 = key does not expire

  19.       <n>  = key expires in n days

  20.       <n>w = key expires in n weeks

  21.       <n>m = key expires in n months

  22.       <n>y = key expires in n years

  23. Key is valid for? (0) 0

  24. Key does not expire at all

  25. Is this correct? (y/N) y

  26. 

  27. GnuPG needs to construct a user ID to identify your key.

  28. 

  29. Real name: Ray Burgemeestre

  30. Email address: ray@cppse.nl

  31. Comment: 

  32. You selected this USER-ID:

  33.     "Ray Burgemeestre <ray@cppse.nl>"

  34. 

  35. Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O

  36. We need to generate a lot of random bytes. It is a good idea to perform

  37. some other action (type on the keyboard, move the mouse, utilize the

  38. disks) during the prime generation; this gives the random number

  39. generator a better chance to gain enough entropy.

  40. We need to generate a lot of random bytes. It is a good idea to perform

  41. some other action (type on the keyboard, move the mouse, utilize the

  42. disks) during the prime generation; this gives the random number

  43. generator a better chance to gain enough entropy.

  44. gpg: /root/.gnupg/trustdb.gpg: trustdb created

  45. gpg: key 234F14AB5CE16B7B marked as ultimately trusted

  46. gpg: directory '/root/.gnupg/openpgp-revocs.d' created

  47. gpg: revocation certificate stored as '/root/.gnupg/openpgp-revocs.d/D16D83CA3E4397DEB2462A3B234F14AB5CE16B7B.rev'

  48. public and secret key created and signed.

  49. 

  50. pub   rsa4096 2019-12-27 [SC]

  51.       D16D83CA3E4397DEB2462A3B234F14AB5CE16B7B

  52. uid                      Ray Burgemeestre <ray@cppse.nl>

  53. sub   rsa4096 2019-12-27 [E]

  54. 

  55. root@209899561fe9:/home/trigen/projects/build-config/apt-publisher# 

  56. 

  57. ---

  58. 

  59. had to invoke this to get the key ids again:

  60. --

  61. 

  62. 

  63. root@209899561fe9:/home/trigen/projects/build-config/apt-publisher# gpg --keyid-format SHORT -k

  64. gpg: WARNING: unsafe permissions on homedir '/root/.gnupg'

  65. /root/.gnupg/pubring.kbx

  66. ------------------------

  67. pub   rsa4096/5CE16B7B 2019-12-27 [SC]

  68.       D16D83CA3E4397DEB2462A3B234F14AB5CE16B7B

  69. uid         [ultimate] Ray Burgemeestre <ray@cppse.nl>

  70. sub   rsa4096/43C5B68C 2019-12-27 [E]

  71. 

  72. --- mapping from blog post ---

  73. 

  74. theirs 10E6133F  is ours: 5CE16B7B

  75. theirs 7B34E07C  is ours: 43C5B68C

  76. 

  77. ---

  78. 

  79. root@209899561fe9:/home/trigen/projects/build-config/apt-publisher# gpg --edit-key 5CE16B7B

  80. gpg: WARNING: unsafe permissions on homedir '/root/.gnupg'

  81. gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.

  82. This is free software: you are free to change and redistribute it.

  83. There is NO WARRANTY, to the extent permitted by law.

  84. 

  85. Secret key is available.

  86. 

  87. sec  rsa4096/234F14AB5CE16B7B

  88.      created: 2019-12-27  expires: never       usage: SC  

  89.      trust: ultimate      validity: ultimate

  90. ssb  rsa4096/DD5B61D243C5B68C

  91.      created: 2019-12-27  expires: never       usage: E   

  92. [ultimate] (1). Ray Burgemeestre <ray@cppse.nl>

  93. 

  94. gpg> addkey

  95. Please select what kind of key you want:

  96.    (3) DSA (sign only)

  97.    (4) RSA (sign only)

  98.    (5) Elgamal (encrypt only)

  99.    (6) RSA (encrypt only)

  100. Your selection? 4

  101. RSA keys may be between 1024 and 4096 bits long.

  102. What keysize do you want? (3072) 4096

  103. Requested keysize is 4096 bits

  104. Please specify how long the key should be valid.

  105.          0 = key does not expire

  106.       <n>  = key expires in n days

  107.       <n>w = key expires in n weeks

  108.       <n>m = key expires in n months

  109.       <n>y = key expires in n years

  110. Key is valid for? (0) 

  111. Key does not expire at all

  112. Is this correct? (y/N) y

  113. Really create? (y/N) y

  114. We need to generate a lot of random bytes. It is a good idea to perform

  115. some other action (type on the keyboard, move the mouse, utilize the

  116. disks) during the prime generation; this gives the random number

  117. generator a better chance to gain enough entropy.

  118. 

  119. sec  rsa4096/234F14AB5CE16B7B

  120.      created: 2019-12-27  expires: never       usage: SC  

  121.      trust: ultimate      validity: ultimate

  122. ssb  rsa4096/DD5B61D243C5B68C

  123.      created: 2019-12-27  expires: never       usage: E   

  124. ssb  rsa4096/C91687F126512AB8

  125.      created: 2019-12-27  expires: never       usage: S   

  126. [ultimate] (1). Ray Burgemeestre <ray@cppse.nl>

  127. 

  128. gpg> save

  129. 

  130. ---

  131. 

  132. get ID again:

  133. 

  134. root@209899561fe9:/home/trigen/projects/build-config/apt-publisher# gpg --keyid-format SHORT -k

  135. gpg: WARNING: unsafe permissions on homedir '/root/.gnupg'

  136. /root/.gnupg/pubring.kbx

  137. ------------------------

  138. pub   rsa4096/5CE16B7B 2019-12-27 [SC]

  139.       D16D83CA3E4397DEB2462A3B234F14AB5CE16B7B

  140. uid         [ultimate] Ray Burgemeestre <ray@cppse.nl>

  141. sub   rsa4096/43C5B68C 2019-12-27 [E]

  142. sub   rsa4096/26512AB8 2019-12-27 [S]

  143. 

  144. 

  145. ---

  146. 

  147. theirs 10E6133F  is ours: 5CE16B7B

  148. theirs 7B34E07C  is ours: 43C5B68C

  149. theirs A72DB3EF  is ours: 26512AB8

  150. 

  151. ---

  152. 

  153. mkdir keys

  154. gpg --export-secret-key 5CE16B7B > keys/private.key

  155. gpg --export 5CE16B7B >> keys/private.key

  156. 

  157. 

  158. gpg --export 5CE16B7B > keys/public.key

  159. gpg --export-secret-subkeys 26512AB8 > keys/signing.key

  160. 

  161. 

  162. -- ignored: #back up the private.key file before running this# rm private.key

  163. 

  164. # not ignored: 

  165. 

  166. gpg --delete-secret-key 5CE16B7B

  167. 

  168. root@209899561fe9:/home/trigen/projects/build-config/apt-publisher# gpg --delete-secret-key 5CE16B7B

  169. gpg: WARNING: unsafe permissions on homedir '/root/.gnupg'

  170. gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.

  171. This is free software: you are free to change and redistribute it.

  172. There is NO WARRANTY, to the extent permitted by law.

  173. 

  174. 

  175. sec  rsa4096/234F14AB5CE16B7B 2019-12-27 Ray Burgemeestre <ray@cppse.nl>

  176. 

  177. Delete this key from the keyring? (y/N) y

  178. This is a secret key! - really delete? (y/N) y

  179. 

  180. root@209899561fe9:/home/trigen/projects/build-config/apt-publisher# gpg --import keys/public.key keys/signing.key

  181. gpg: WARNING: unsafe permissions on homedir '/root/.gnupg'

  182. gpg: key 234F14AB5CE16B7B: "Ray Burgemeestre <ray@cppse.nl>" not changed

  183. gpg: key 234F14AB5CE16B7B: "Ray Burgemeestre <ray@cppse.nl>" not changed

  184. gpg: To migrate 'secring.gpg', with each smartcard, run: gpg --card-status

  185. gpg: key 234F14AB5CE16B7B: secret key imported

  186. gpg: Total number processed: 2

  187. gpg:              unchanged: 2

  188. gpg:       secret keys read: 1

  189. gpg:   secret keys imported: 1

  190. root@209899561fe9:/home/trigen/projects/build-config/apt-publisher# gpg --keyid-format SHORT -k

  191. gpg: WARNING: unsafe permissions on homedir '/root/.gnupg'

  192. /root/.gnupg/pubring.kbx

  193. ------------------------

  194. pub   rsa4096/5CE16B7B 2019-12-27 [SC]

  195.       D16D83CA3E4397DEB2462A3B234F14AB5CE16B7B

  196. uid         [ultimate] Ray Burgemeestre <ray@cppse.nl>

  197. sub   rsa4096/43C5B68C 2019-12-27 [E]

  198. sub   rsa4096/26512AB8 2019-12-27 [S]

  199. 

  200. 

  201. # ignored: rm public.key signing.key

  202. 

  203. gpg --keyserver keyserver.ubuntu.com --send-key 5CE16B7B

  204. 

  205. # ok done :-)

  206. 

  207. ---

  208. 

  209. moment of truth:

  210. 

  211. root@b1e2708c4531:/home/trigen/projects/build-config/apt-publisher# reprepro -b /repo includedeb bionic packages/*.deb

  212. Exporting indices...

  213. 

  214. 

  215. ; reprepro -b /repo list bionic

  216.