summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorcurrite <sll@disroot.org>2020-08-21 17:08:59 +0200
committercurrite <sll@disroot.org>2020-08-21 17:08:59 +0200
commitc14d6307186a95ab2a538fd04111e6903297ec52 (patch)
treef5e0180e3612bd180215d18c9b03ac2667c5c922
parentc12ddb1e980d26687b25c689d665e01f04398152 (diff)
downloadvyos-documentation-c14d6307186a95ab2a538fd04111e6903297ec52.tar.gz
vyos-documentation-c14d6307186a95ab2a538fd04111e6903297ec52.zip
installation: reorganize gpg verification
-rw-r--r--docs/install.rst35
1 files changed, 19 insertions, 16 deletions
diff --git a/docs/install.rst b/docs/install.rst
index 6b5d35bf..26d7c7c8 100644
--- a/docs/install.rst
+++ b/docs/install.rst
@@ -58,26 +58,29 @@ https://downloads.vyos.io/rolling/current/amd64/vyos-rolling-latest.iso
Download Verification
---------------------
-This subsection and the following one applies to downloaded LTS images, for
-other versions please jump to :ref:`live_installation`.
+LTS images are signed by VyOS lead package-maintainer private key. With
+the official public key, the authenticity of the package can be
+verified. :abbr:`GPG (GNU Privacy Guard)` is used for verification.
-LTS images are signed by VyOS lead package-maintainer private key. With the
-official public key, the authenticity of the package can be verified.
-:abbr:`GPG (GNU Privacy Guard)` is used for verification.
+.. note:: This subsection only applies e applies to LTS images, for
+ Rolling images please jump to :ref:`live_installation`.
+
+Preparing for the verification
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
First, install GPG or another OpenPGP implementation. On most GNU+Linux
-distributions it is installed by default as package managers use it to verify
-package signatures. If not pre-installed, it will need to be downloaded and
-installed.
+distributions it is installed by default as package managers use it to
+verify package signatures. If not pre-installed, it will need to be
+downloaded and installed.
-The official VyOS public key can be retrieved in a number of ways. Skip to
-:ref:`gpg-verification` if the key is already present.
+The official VyOS public key can be retrieved in a number of ways. Skip
+to :ref:`gpg-verification` if the key is already present.
-It can also be retrieved directly from a key server:
+It can be retrieved directly from a key server:
``gpg --recv-keys FD220285A0FE6D7E``
-Or it can be accessed from a key server via a web browser:
+Or it can be accessed via a web browser:
https://pgp.mit.edu/pks/lookup?op=get&search=0xFD220285A0FE6D7E
@@ -154,11 +157,11 @@ The import can be verified with:
.. _gpg-verification:
-GPG
----
+GPG verification
+^^^^^^^^^^^^^^^^
-With the public key imported, the signature for the desired image needs to be
-downloaded.
+With the public key imported, the signature for the desired image needs
+to be downloaded.
.. note:: The signature can be downloaded by appending `.asc` to the URL of the
downloaded VyOS image. That small *.asc* file is the signature for the