Re: GPG signing of debian packages
-----BEGIN PGP SIGNED MESSAGE-----
Andreas Metzler wrote:
> firstname.lastname@example.org wrote:
>> Dear experts,
>> I am trying to build my own debian packages with GPG signature. I set
>> up gnupg, ran gpg and gpg --gen-key and also filled the variable
>> default-key with my generated keyID in ~/.gnupg/gpg.conf. I thought that
>> this is all I have to do, since Debian Maintainer's guide claims that
>> dpkg-buildpackage -rfakeroot
>> needs as the input the secret passhprase (twice). I expected I
>> would be asked for the passphrase, but it's not the case.
> I think question has been answered already, just a tidbit:
> - I personally always run dpkg-buildpackage with -uc -us and use
> debsign -kkeyid foo_changes to sign the /final/ packages
> afterwards. I usually build the packages more than once before
> uploading as I often find some last-minute bug, and don't like to
> type in my gpg-passphrase more frequently than necessary.
Even than you should not need to specify the -kkeyid...
Luk Claes - http://people.debian.org/~luk - GPG key 1024D/9B7C328D
Fingerprint: D5AF 25FB 316B 53BB 08E7 F999 E544 DE07 9B7C 328D
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
-----END PGP SIGNATURE-----