Hi guys, the gpgish in the section can be improved a little bit. To download the key is better to use the fingerprint (that way the fingerprint is checked too) gpg --homedir /etc/portage/gpg --keyserver subkeys.pgp.net --recv-keys "DCD05B71EAB94199527F44ACDB6B8C1F96D8BF6D" Then the key should be checked: gpg --homedir /etc/portage/gpg --fingerprint This should list only a pub key (to verify for possible conflicts). Finally to mark the trust as ultimate it's easier to just do this: gpg --homedir /etc/portage/gpg --trusted-key 0xDB6B8C1F96D8BF6D --check-trustdb Or this: echo "DCD05B71EAB94199527F44ACDB6B8C1F96D8BF6D:6:" | gpg --homedir /etc/portage/gpg --import-ownertrust I prefer the second as it uses the whole fingerprint too. I'll try to write a patch for the handbook later today,
Created attachment 374558 [details, diff] Patch to the docs
I'm not sure I'm happy with such a change. Many users still follow the handbook read from another system, print-out or from the same system but without copy/paste possibility. Such fingerprints make it damn hard to do this correctly. The longer keys are already a nuisance (as #gentoo has told me a few months back).
(In reply to Sven Vermeulen from comment #2) > I'm not sure I'm happy with such a change. > > Many users still follow the handbook read from another system, print-out or > from the same system but without copy/paste possibility. Such fingerprints > make it damn hard to do this correctly. > > The longer keys are already a nuisance (as #gentoo has told me a few months > back). Can then we put the other option as an alternative then?
the XML handbook ain't around anymore, and there's the "discussion" tab on the wiki for suggestions. closing.
