diff --git a/docs/support.rst b/docs/support.rst index dd56e0438..0a58bf171 100644 --- a/docs/support.rst +++ b/docs/support.rst @@ -87,17 +87,17 @@ Verifying signed releases `Releases `_ are signed with the same GPG key and a .asc file is provided for each binary. -To verify a signature, the public key needs to be known to GPG. It can be imported into the local keystore from a keyserver with the fingerprint: +To verify a signature, the public key needs to be known to GPG. It can be imported into the local keystore from a keyserver with the fingerprint:: gpg --recv-keys "6D5B EF9A DD20 7580 5747 B70F 9F88 FB52 FAF7 B393" If GPG successfully imported the key, the output should be (among other things): 'Total number processed: 1'. -To verify for example the signature of the borg-linux64 binary: +To verify for example the signature of the borg-linux64 binary:: gpg --verify borg-linux64.asc -GPG outputs if it finds a good signature. The output should look similar to this: +GPG outputs if it finds a good signature. The output should look similar to this:: gpg: Signature made Sat 30 Dec 2017 01:07:36 PM CET using RSA key ID 51F78E01 gpg: Good signature from "Thomas Waldmann " @@ -109,4 +109,4 @@ GPG outputs if it finds a good signature. The output should look similar to this Primary key fingerprint: 6D5B EF9A DD20 7580 5747 B70F 9F88 FB52 FAF7 B393 Subkey fingerprint: 2F81 AFFB AB04 E11F E8EE 65D4 243A CFA9 51F7 8E01 -If you want to make absolutely sure that you have the right key, you need to verify it via another channel and assign a trust-level to it. \ No newline at end of file +If you want to make absolutely sure that you have the right key, you need to verify it via another channel and assign a trust-level to it.