Public keys

This is the SSH public key I use to sign some software releases.

Download.

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO7sv2HzSwjPEctz+bITQD2Njx+/guzaE0KYp5hgN1TQ dbohdan@git

Here is how you can verify the integrity of foo.txt signed with foo.txt.sig using my public key:

# Download the test file and its signature.
curl -OJ https://dbohdan.com/foo.txt
curl -OJ https://dbohdan.com/foo.txt.sig

# Download the public key and create an allowed-signers file from it.
curl -OJ https://dbohdan.com/git.pub
awk '{ print $3, $1, $2 }' git.pub > allowed_signers

# Verify the file signature with ssh-keygen.
ssh-keygen -Y verify -f allowed_signers -I dbohdan@git -n file -s foo.txt.sig < foo.txt