About This Site

Code Signing Certificate

All source code distributed on this web site is signed. In order to verify the signature and thus the integrity and authenticity of the obtained code, use the following command:

1

gpg --verify <SOMEFILE>.tar.xz.asc <SOMEFILE>.tar.xz

Replace <SOMEFILE> with the correct file name.

This command only performs the verification if the associated public key was previously imported into the key ring. In case the public key needs to be imported, use the following command which imports the key from 2024:

1

curl https://chronox.de/about/smuellerDD-2024.asc | gpg --import

The following public keys are available:

• Public key starting from 2024

• Public key starting from 2018