aboutsummaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2016-01-01 19:01:05 +0100
committerLudovic Courtès <ludo@gnu.org>2016-01-01 19:01:05 +0100
commitdaa8922abc63b2491490ad1898b613f5653a19b1 (patch)
treef2228842b067cfdd6af5e53102c0ded8c02b8ead /doc
parent45147b0caa716a6a0c333fb1cc53990ff79d97d8 (diff)
downloadguix-daa8922abc63b2491490ad1898b613f5653a19b1.tar.gz
guix-daa8922abc63b2491490ad1898b613f5653a19b1.zip
doc: Mention how to verify signatures.
* doc/guix.texi (Binary Installation): Be more precise about signature verification. Suggested by Carl Hansen <carlhansen1234@gmail.com>.
Diffstat (limited to 'doc')
-rw-r--r--doc/guix.texi26
1 files changed, 21 insertions, 5 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 5cdbc5deb6..7fac99ca27 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -312,11 +312,27 @@ Installing goes along these lines:
@enumerate
@item
Download the binary tarball from
-@indicateurl{ftp://alpha.gnu.org/gnu/guix/guix-binary-@value{VERSION}.@var{system}.tar.xz}@footnote{As
-usual, make sure to download the associated @file{.sig} file and to
-verify the authenticity of the tarball against it!}, where @var{system}
-is @code{x86_64-linux} for an @code{x86_64} machine already running the
-kernel Linux, and so on.
+@indicateurl{ftp://alpha.gnu.org/gnu/guix/guix-binary-@value{VERSION}.@var{system}.tar.xz},
+where @var{system} is @code{x86_64-linux} for an @code{x86_64} machine
+already running the kernel Linux, and so on.
+
+Make sure to download the associated @file{.sig} file and to verify the
+authenticity of the tarball against it, along these lines:
+
+@example
+$ wget ftp://alpha.gnu.org/gnu/guix/guix-binary-@value{VERSION}.@var{system}.tar.xz.sig
+$ gpg --verify guix-binary-@value{VERSION}.@var{system}.tar.xz.sig
+@end example
+
+If that command fails because you don't have the required public key,
+then run this command to import it:
+
+@example
+$ gpg --keyserver keys.gnupg.net --recv-keys 3D9AEBB5
+@end example
+
+@noindent
+and rerun the @code{gpg --verify} command.
@item
As @code{root}, run: