trezor-agent/README-GPG.md
2016-11-11 20:05:47 +02:00

1.7 KiB

Note: the GPG-related code is still under development, so please try the current implementation and feel free to report any issue you have encountered. Thanks!

Installation

First, verify that you have GPG 2.1+ installed:

$ gpg2 --version | head -n1
gpg (GnuPG) 2.1.15

Update you TREZOR firmware to the latest version (at least v1.4.0).

Install latest trezor-agent package from GitHub:

$ pip install --user git+https://github.com/romanz/trezor-agent.git

Quickstart

Identity creation

asciicast

Sample usage (signature and decryption)

asciicast

You can use GNU Privacy Assistant (GPA) in order to inspect the created keys and perform signature and decryption operations using:

$ sudo apt install gpa
$ ./scripts/gpg-shell gpa

GPA

Git commit & tag signatures:

Git can use GPG to sign and verify commits and tags (see here):

$ git config --local gpg.program $(which gpg2)
$ git commit --gpg-sign                      # create GPG-signed commit
$ git log --show-signature -1                # verify commit signature
$ git tag --sign "v1.2.3"                    # create GPG-signed tag
$ git verify-tag "v1.2.3"                    # verify tag signature