software/gpg

Signing

Simple way (not an offline master key):

gpg --recv-keys $KEYHASH
gpg --fingerprint   # check fingerprint
gpg --sign-key $KEYHASH
gpg --keyserver pgp.mit.edu --send-key $KEYHASH

However, I use an offline master key, which means I need to do a horrible juggling trick of mounting an SD card or similar, specifying a --homedir, and then exporting-and-importing the signed key when i’m done so it ends up in my not-offline gpg homedir.