summaryrefslogtreecommitdiffstatshomepage
path: root/posts
diff options
context:
space:
mode:
authorWolfgang Müller2024-03-30 14:02:44 +0100
committerWolfgang Müller2024-03-30 14:02:44 +0100
commite7ca34f4a1a273f9cc59f7074dcb6f9a2676a108 (patch)
tree31b919fd25a40a9c16146a616183f5e581c6f1bc /posts
parent03b7d37c9cbf279127707124f10198d70ea62ead (diff)
downloadsite-e7ca34f4a1a273f9cc59f7074dcb6f9a2676a108.tar.gz
posts: Add short paragraph about verify-sig with pramantha
Diffstat (limited to 'posts')
-rw-r--r--posts/verify-with-signify.md8
1 files changed, 7 insertions, 1 deletions
diff --git a/posts/verify-with-signify.md b/posts/verify-with-signify.md
index 13538dd..2df6812 100644
--- a/posts/verify-with-signify.md
+++ b/posts/verify-with-signify.md
@@ -1,6 +1,6 @@
title: Verifying snapshots with signify
date: 2019-01-01
-author: Wynn Wolf Arbor
+author: Wolfgang Müller
I use the [signify](https://flak.tedunangst.com/post/signify) tool to
cryptographically sign all software downloads you will find on this
@@ -11,6 +11,12 @@ downloaded files, I strongly recommend using it to also verify the
_signature_. A portable version of the tool is available
[here](https://github.com/aperezdc/signify).
+### Using my personal overlay
+
+If you happen to use Gentoo, feel free to use my [personal
+overlay](https://git.oriole.systems/pramantha). You only need to enable the
+`verify-sig` USE flag to verify the downloaded tarballs.
+
### Obtaining the signature and checksum
Whether or not you decide to use `signify` to verify downloaded files, you need