June 28, 2011

More Manifest signing tips and stats

If you're signing Manifests and wonder how to use a stronger hash than SHA-1, here's a nice ~/.gnupg/gpg.conf snippet:

personal-digest-preferences SHA512,SHA256,SHA1

This is a modified version of Justin's snippet.

By the way, since my last signing-related post in March, the number of signed Manifests has increased and now about 56% of Manifests are signed. Here are commands I've used to count the total number of Manifests and signed ones:

find /usr/portage -maxdepth 3 -name Manifest | wc -l
find /usr/portage -maxdepth 3 -name Manifest -exec grep -l 'BEGIN PGP SIGNATURE' {} + | wc -l