Re: GPG signing of debian packages
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
gregor herrmann wrote:
> On Sat, Apr 15, 2006 at 10:19:33AM +0200, davidek@ipnp.troja.mff.cuni.cz wrote:
>
>> --------
>> dpkg-deb: building package `sshguard' in `../sshguard_1.0.0-4_all.deb'.
>> signfile sshguard_1.0.0-4.dsc
>> gpg: skipped "Tomas Davidek <Tomas.Davidek@mff.cuni.cz>": secret key not
>> available
>> gpg: [stdin]: clearsign failed: secret key not available
>> --------
>> The name and email address match those which I used for key generation, so
>> this should be ok. Maybe one has to specify the sign-command (-p) in
>> dpkg-buildpackage ? If so, how does such a command look like ? Or is
>> there anything else wrong ?
If you're the (co-)maintainer of the package the string in
debian/control should match the string in debian/changelog and in the
uid of your key... If the "John Doe <john.doe@example.com>" doesn't
match 100% you'll get the above failure...
>>From man dpkg-buildpackage:
>
> -kkey-id
> Specify a key-ID to use when signing packages.
This is only needed when the Uploader in debian/changelog doesn't match
an uid of the key (sponsoring) AFAIK.
Cheers
Luk
PS: This kind of questions should be sent to debian-mentors@lists.debian.org
- --
Luk Claes - http://people.debian.org/~luk - GPG key 1024D/9B7C328D
Fingerprint: D5AF 25FB 316B 53BB 08E7 F999 E544 DE07 9B7C 328D
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEQPrr5UTeB5t8Mo0RAuutAJ4rIa+MPpapQ0UUgokG6uXBIadEGgCgk3qY
xGmvKZajOILXoCkI5w15Sjg=
=iKYB
-----END PGP SIGNATURE-----
Reply to: