GPG

My public key: 1C20 7C97 A31E 4EFF 84C8 FF98 398A 6057 F139 FC6A

You can send me encrypted mail using this key, and many of the files on my site have been cryptographically signed.

Suppose we want to verify one of my papers.

  • If you don't have my public key in your keychain, fetch it:

gpg2 --keyserver keys.openpgp.org --recv-keys 1C207C97A31E4EFF84C8FF98398A6057F139FC6A

  • Then we fetch the paper and the corresponding signature (.asc file):

$ ftp http://theunixzoo.co.uk/pubs/pdf/barrett2015approaches.pdf{,.asc}

On Linux, you would use wget instead of ftp.

  • Then we can verify the signature:

$ gpg2 --verify barrett2015approaches.pdf.asc barrett2015approaches.pdf
gpg: Signature made Thu Dec 17 18:44:13 2015 GMT using RSA key ID DA939384
gpg: Good signature from "Edd Barrett edd@theunixzoo.co.uk" [ultimate]
gpg:                 aka "Edd Barrett vext01@gmail.com" [ultimate]

SSH

My public key: id_rsa.pub (sig)