Next: , Previous: , Up: Top  


Preferable way is to download tarball with the signature from website and, for example, run tests with benchmarks:

$ [fetch|wget]
$ [fetch|wget]
$ gpg --verify gocheese-2.3.0.tar.xz.sig gocheese-2.3.0.tar.xz
$ xz -d < gocheese-2.3.0.tar.xz | tar xf -
$ make -C gocheese-2.3.0 all test
VersionDateSizeTarballSHA256 checksum
2.3.02019-12-17101 KiBlink sign574C3641 BBDA2957 2FE57F03 98606403 4D7B2C58 44B2CFA4 0EBF9F75 E0186989
2.2.02019-12-09100 KiBlink sign5AA24DA6 C03C51BD 5C45CD50 AA1F19B5 6360C892 3ED86F06 D0F2B8FA 4C8CCB5B

You have to verify downloaded tarballs integrity and authenticity to be sure that you retrieved trusted and untampered software. GNU Privacy Guard is used for that purpose.

For the very first time it is necessary to get signing public key and import it. It is provided below, but you should check alternative resources.

pub   rsa2048/0xCD5CD01F55343D88 2019-12-08 [SC]
      9B27 640B A784 37EC 6D4A  CA6C CD5C D01F 5534 3D88
uid   GoCheese releases <>

You can obtain development source code with git clone git://