GPG

Hosted Fermah GPG signing key for verification of our executed scripts.

Import Key

Download the key file and run this command:

gpg --import fermah-gpg.asc

This will import our key and will be useful for any future verifications.

Verify

Our Install Script has a .asc signature file alongside them. e.g. file install.sh will have install.sh.asc available.

gpg --verify install.sh.asc install.sh

Example for Install script

Here's an example for downloading both the signature and the script:

wget https://storage.googleapis.com/fermah-releases/install.sh.asc
wget https://storage.googleapis.com/fermah-releases/install.sh
gpg --verify install.sh.asc install.sh

If verification fails, you should not run the script file and contact us immediately.

The verification signature should display the email from one of our engineers.

PreviousStarting a Node NextSupport

Last updated 7 months ago

Was this helpful?