Release media signatures
Our current releases are signed with either of these keys or any sub keys:
Key fingerprint | Gentoo package | Description | Created | Expiry |
---|---|---|---|---|
13EBBDBEDE7A12775DFDB1BABB572E0E2D182910 | sec-keys/openpgp-keys-gentoo-release | Gentoo Linux Release Engineering (Automated Weekly Release Key) | 2009-08-25 | 2024-07-01 |
DCD05B71EAB94199527F44ACDB6B8C1F96D8BF6D | sec-keys/openpgp-keys-gentoo-release | Gentoo ebuild repository signing key (Automated Signing Key) | 2011-11-25 | 2024-07-01 |
EF9538C9E8E64311A52CDEDFA13D0EF1914E7A72 | sec-keys/openpgp-keys-gentoo-release | Gentoo repository mirrors (GitHub) (automated git signing key) | 2018-05-28 | 2024-07-01 |
D99EAC7379A850BCE47DA5F29E6438C817072058 | sec-keys/openpgp-keys-gentoo-release | Gentoo Linux Release Engineering (Gentoo Linux Release Signing Key) | 2004-07-20 | 2024-01-01 |
ABD00913019D6354BA1D9A132839FE0D796198B1 | sec-keys/openpgp-keys-gentoo-auth | Gentoo Authority Key L1 | 2019-04-01 | 2024-07-01 |
18F703D702B1B9591373148C55D3238EC050396E | sec-keys/openpgp-keys-gentoo-auth | Gentoo Authority Key L2 for Services | 2019-04-01 | 2024-07-01 |
2C13823B8237310FA213034930D132FF0FF50EEB | sec-keys/openpgp-keys-gentoo-auth | Gentoo Authority Key L2 for Developers | 2019-04-01 | 2024-07-01 |
Verifying files
To verify downloaded files are not tampered with, the .asc signature file matching the release and the matching key from the table above are needed.
Fetch the key:
gpg --keyserver hkps://keys.gentoo.org --recv-keys <key fingerprint>
Alternatively, fetch a bundle containing all listed keys:
wget -O - https://qa-reports.gentoo.org/output/service-keys.gpg | gpg --import
Alternatively, use the Gentoo sec-keys/openpgp-keys-gentoo-release package:
gpg --import /usr/share/openpgp-keys/gentoo-release.asc
Verify the signature:
gpg --verify <foo.asc>
Detailed instructions are available in the Gentoo Handbook.