# Public keys

## SSH signing key {#ssh-sign}

I use the following SSH public key to sign some software releases.

[Download](git.pub).

```plaintext
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO7sv2HzSwjPEctz+bITQD2Njx+/guzaE0KYp5hgN1TQ dbohdan@git
```

This example shows how to verify the integrity of [`foo.txt`](foo.txt) with the signature [`foo.txt.sig`](foo.txt.sig) using my public key:

```sh
# Download the test file and its signature.
curl -OJ https://dbohdan.com/foo.txt
curl -OJ https://dbohdan.com/foo.txt.sig

# Download the public key and create an allowed-signers file from it.
curl -OJ https://dbohdan.com/git.pub
awk '{ print $3, $1, $2 }' git.pub > allowed_signers

# Verify the file signature with ssh-keygen.
ssh-keygen -Y verify -f allowed_signers -I dbohdan@git -n file -s foo.txt.sig < foo.txt
```