Public Keys

CMD-Auth Public Key Download
Public Key Checksums:
SHA512: e653f79ad10d8651c9f39a892370f9ba3a3dcdfca4843d2ed9440a6a472cd3013da1fad12ab8e58b0400f67429966a024288d2e1daed4d6db0ffbd30f6295840
B2: 69eb49b3f3bbe51ee5daf0a9c015535d9d9117ca216c5286229ff94553f8e6b005e0f5540a4524da0f29a808fb0cb03260c8e36ffb3f952e3ae4778225a49051

RPM Instructions

  1. check downloaded public key integrity:
    i.e. echo "${SHA512checksum} ${path_to_public_key}" | sha512sum -c "${path_to_public_key}"
  2. import public key:
    sudo rpm --import "${path_to_public_key}"
  3. verify .rpm integrity:
    rpm -Kvv /path/to/downloaded/rpm
    Expecting exit code 0.
  4. Critical!
    Make sure that rpm integrity was verified using precisely the correct (downloaded) public key.
    From the output above get the name of the last listed gpg pubkey i.e. gpg-pubkey-b5bf775f-65060753.
    List contents of last listed gpg pubkey:
    i.e. rpm -qi gpg-pubkey-b5bf775f-65060753
    Compare the details and the contents of the last listed gpg pubkey versus the contents of the public key downloaded from this page.

In order to erase rpm gpg pubkey:
i.e. rpm --erase gpg-pubkey-b5bf775f-65060753

DEB Instructions

At the moment .deb packages are ported from .rpm and the verification of public keys is not yet available.
In this case check .deb file by using the checksums provided after downloading the package.