Jump to: navigation, search

Template:Build Documentation OpenPGP Verify the Source Code

OpenPGP Verify the Source Code[edit]

This chapter is recommended for better security, but not strictly required.[1]

Get a list of available git tags.

git tag

Verify the tag you want to build. Replace with tag you want to build.

git tag -v {{{version}}}

Output should look similar to this.

object 1844108109a5f2f8bddcf2257b9f3675be5cfb22 type commit tag {{{version}}} tagger Patrick Schleizer <adrelanos@riseup.net> 1392320095 +0000

. gpg: Signature made Thu 13 Feb 2014 07:34:55 PM UTC using RSA key ID 77BB3C48 gpg: Good signature from "Patrick Schleizer <adrelanos@riseup.net>" [ultimate]

The warning.

gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner.

Is explained on the Whonix Signing Key page and can be ignored.
  1. See Trust.