tarball signing
David Faure
faure at kde.org
Mon Jun 13 13:33:51 UTC 2016
On lundi 6 juin 2016 11:39:25 CEST Sandro Knauß wrote:
> you don't need to have the privatekey on the server - We have gpg-agent and
> ssh - so you can forward the gpg-agent to the server when doing a release.
> That way the private keymatierial stays safe at your place:
>
> https://www.isi.edu/~calvin/gpgagent.htm
OK.... this requires OpenSSH >= 6.7, and that's not packaged even for OpenSuSE
Tumbleweed. I grabbed an OpenSSH-7.2 RPM from someone's repo at
http://software.opensuse.org/package/openssh and then I couldn't ssh anywhere
anymore (permission denied) :-). Reverted to OpenSSH_6.6.1p1.
I think this will have to wait for a bit.
--
David Faure, faure at kde.org, http://www.davidfaure.fr
Working on KDE Frameworks 5
More information about the release-team
mailing list