software/gpg
Signing
Simple way (not an offline master key):
gpg --recv-keys $KEYHASH
gpg --fingerprint # check fingerprint
gpg --sign-key $KEYHASH
gpg --keyserver pgp.mit.edu --send-key $KEYHASH
However, I use an offline master key, which means I need to do a horrible juggling trick of mounting an SD card or similar, specifying a --homedir
, and then exporting-and-importing the signed key when i’m done so it ends up in my not-offline gpg homedir.