gpg: allow GPG 2.1.11+ (to support Ubuntu 16.04 & Mint 18)

2016-12-27 10:12:34 +02:00

1.9 KiB

Raw Blame History

Note: the GPG-related code is still under development, so please try the current implementation and feel free to report any issue you have encountered. Thanks!

Installation

First, verify that you have GPG 2.1.11+ installed (Debian, macOS):

$ gpg2 --version | head -n1
gpg (GnuPG) 2.1.15

This GPG version is included in Ubuntu 16.04 and Linux Mint 18.

Update you TREZOR firmware to the latest version (at least v1.4.0).

Install latest trezor-agent package from GitHub:

$ pip install --user git+https://github.com/romanz/trezor-agent.git

Quickstart

Identity creation

Sample usage (signature and decryption)

You can use GNU Privacy Assistant (GPA) in order to inspect the created keys and perform signature and decryption operations using:

$ sudo apt install gpa
$ ./scripts/gpg-shell gpa

Git commit & tag signatures:

Git can use GPG to sign and verify commits and tags (see here):

$ git config --local gpg.program $(which gpg2)
$ git commit --gpg-sign                      # create GPG-signed commit
$ git log --show-signature -1                # verify commit signature
$ git tag v1.2.3 --sign                      # create GPG-signed tag
$ git tag v1.2.3 --verify                    # verify tag signature