Yesterday I’ve created new OpenPGP/GPG keys: one for use in emails and for signing my Debian and Ubuntu package repositories, and another one for signing my RPM packages for CentOS/Fedora Core. All existing repositories and packages have been re-signed with the new keys.
Here are instructions for retrieving those keys (fingerprints are at the bottom).
For sending me encrypted emails and checking my signature you can retrieve the key with the ID
445B9007 from public key servers or download it from the bunkus.org webserver and import it from there.
If you use my apt repositories for Debian or Ubuntu you will have to add the new key to your apt key ring with the following command:
wget -q -O - https://www.bunkus.org/gpg-pub-moritzbunkus.txt | sudo apt-key add -
If you use my yum repositories for Fedora Core or CentOS you will have to update the repository definition. This is done by updating the RPM I offer that contains both the repository spec and the key. Run this command:
sudo rpm -Uhv https://www.bunkus.org/videotools/mkvtoolnix/centos/bunkus-org-repo-2-1.noarch.rpm
Alternatively you can download the key from public key servers or from my web server and add it to rpm with the following commands:
wget -q https://www.bunkus.org/gpg-pub-bunkusorg-rpm-signing.txt
sudo rpm --import gpg-pub-bunkusorg-rpm-signing.txt
Fingerprints for manual verification:
- The key used for emails and Debian/Ubuntu repositories has the ID
445B9007("Moritz Bunkus <email@example.com>"; it can be used with both my private and work email addresses: firstname.lastname@example.org, email@example.com). Its fingerprint is
D919 9745 B054 5F2E 8197 062B 0F92 290A 445B 9007. Note that its sub-key
F2E32C85is used for the actual signature.
- The key used for the RPMs for Fedora Core and CentOS has the ID
10C052A6("bunkus.org RPM signing key <firstname.lastname@example.org>"; it cannot be used for email communication). Its fingerprint is
EB24 BCA1 4BA6 A24F 1427 6FEE 16D2 F5DC 10C0 52A6.