Verify Kicksecure ™ Images Software Signatures
Refer to the KVM Linux on the Command Line instructions.
It is impossible to
signify sign images (
libvirt.tar.xz) directly. You can only verify the
.sha512sums hash sum file using
signify-openbsd and then verify the image against the
Table: Kicksecure ™ VirtualBox Files
|Kicksecure ™ Version||Files|
|Kicksecure ™ VirtualBox CLI|
|Kicksecure ™ VirtualBox XFCE|
Forum discussion: signify-openbsd.
Codecrypt signatures are not yet available, but are planned long term.
Volunteer contributions are happily considered! If you were to contribute
codecrypt signature creation to the Kicksecure ™
prepare_release script, then this feature could be provided much sooner.
If you would like to use codecrypt for software signature verification, please consider making a report in the codecrypt forum thread. This method might be supported sooner if there is sufficient interest.
use codecrypt to sign releases.
- Download the Kicksecure ™ Signing Key
- Verifying Software Signatures
- Placing Trust in Kicksecure ™
- OpenPGP key distribution strategies
- Software Signature Verification Usability Issues and Proposed Solutions