From e7ca34f4a1a273f9cc59f7074dcb6f9a2676a108 Mon Sep 17 00:00:00 2001 From: Wolfgang Müller Date: Sat, 30 Mar 2024 14:02:44 +0100 Subject: posts: Add short paragraph about verify-sig with pramantha --- posts/verify-with-signify.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/posts/verify-with-signify.md b/posts/verify-with-signify.md index 13538dd..2df6812 100644 --- a/posts/verify-with-signify.md +++ b/posts/verify-with-signify.md @@ -1,6 +1,6 @@ title: Verifying snapshots with signify date: 2019-01-01 -author: Wynn Wolf Arbor +author: Wolfgang Müller I use the [signify](https://flak.tedunangst.com/post/signify) tool to cryptographically sign all software downloads you will find on this @@ -11,6 +11,12 @@ downloaded files, I strongly recommend using it to also verify the _signature_. A portable version of the tool is available [here](https://github.com/aperezdc/signify). +### Using my personal overlay + +If you happen to use Gentoo, feel free to use my [personal +overlay](https://git.oriole.systems/pramantha). You only need to enable the +`verify-sig` USE flag to verify the downloaded tarballs. + ### Obtaining the signature and checksum Whether or not you decide to use `signify` to verify downloaded files, you need -- cgit v1.2.3-2-gb3c3