FAQ

Page Discussion History

Difference between revisions of "Pgp"

m (how paranoid should one be...?)
 
(added short installation hint for debian, and a link to all pgp keys)
 
Line 1: Line 1:
 +
=PGP=
 +
 
Releases are signed using [[http://en.wikipedia.org/wiki/Pretty_Good_Privacy PGP]]. Checking the signature is a good practice for testing the origin and the integrity of the download. To check the signature requires [http://sysoev.ru/pgp.txt the public key of the signer]]. If you're even more paranoid and think that server might get hacked (smart person!) check the Primary key fingerprint: ( 4C2C 85E7 05DC 7308 3399  0C38 A937 6139 A524 C53E )
 
Releases are signed using [[http://en.wikipedia.org/wiki/Pretty_Good_Privacy PGP]]. Checking the signature is a good practice for testing the origin and the integrity of the download. To check the signature requires [http://sysoev.ru/pgp.txt the public key of the signer]]. If you're even more paranoid and think that server might get hacked (smart person!) check the Primary key fingerprint: ( 4C2C 85E7 05DC 7308 3399  0C38 A937 6139 A524 C53E )
 +
 +
You can find all keys for nginx at http://nginx.org/en/pgp_keys.html
  
 
But well, this is a wiki and the public can edit such pages...the PGP way to decide which key to trust would be for the owner of the key to get it signed by some other well-trusted keys. (Suggestion to Igor)
 
But well, this is a wiki and the public can edit such pages...the PGP way to decide which key to trust would be for the owner of the key to get it signed by some other well-trusted keys. (Suggestion to Igor)
 +
 +
=Adding the key to apt on Debian based servers=
 +
 +
# Download the key [http://nginx.org/keys/nginx_signing.key nginx_signing.key]
 +
# run as root (or sudo) apt-key add nginx_signing.key
 +
# install nginx from nginx.org repository.

Latest revision as of 15:17, 19 July 2013

PGP

Releases are signed using [PGP]. Checking the signature is a good practice for testing the origin and the integrity of the download. To check the signature requires the public key of the signer]. If you're even more paranoid and think that server might get hacked (smart person!) check the Primary key fingerprint: ( 4C2C 85E7 05DC 7308 3399 0C38 A937 6139 A524 C53E )

You can find all keys for nginx at http://nginx.org/en/pgp_keys.html

But well, this is a wiki and the public can edit such pages...the PGP way to decide which key to trust would be for the owner of the key to get it signed by some other well-trusted keys. (Suggestion to Igor)

Adding the key to apt on Debian based servers

  1. Download the key nginx_signing.key
  2. run as root (or sudo) apt-key add nginx_signing.key
  3. install nginx from nginx.org repository.