About This Site

Code Signing Certificate

All source code distributed on this web site is signed. In order to verify the signature and thus the integrity and authenticity of the obtained code, use the following command:

1

gpg --verify <SOMEFILE>.tar.xz.asc <SOMEFILE>.tar.xz

Replace <SOMEFILE> with the correct file name.

This command only performs the verification if the associated public key was previously imported into the key ring. In case the public key needs to be imported, use the following command which imports the key from 2024:

1

curl https://chronox.de/about/smuellerDD-2024.asc | gpg --import

The following public keys are available:

• Public key starting from 2024 with fingerprint 342C 4E3A 39EA 5F19 909B E38A AE5D 0DA3 FD09 2353

• Public key starting from 2018 with fingerprint 3BCC 43D4 D2C8 7D17 84B6 9EE4 421E E936 326A C15B