4 # -r means dont refresh keys from keyservers
6 # See https://gluestick.office.fsf.org/checklists/person/crypto-keys/ for
9 shopt -s inherit_errexit
2>/dev
/null ||
: # ignore fail in bash < 4.4
11 trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR
18 for keyserver
in keyring.debian.org keyserver.ubuntu.com pool.sks-keyservers.net
; do
20 cmd
="gpg --keyserver $keyserver --recv-keys $key"
21 # keyservers are not very reliable, so retry
25 if (( ret
== 0 )); then
30 error
=$
(( ret
< error ? ret
: error
)) # use lowest return
37 if [[ $1 == -r ]]; then
41 KEYS
+="A4626CBAFF376039D2D7554497BA9CE761A0963B " #johns
42 KEYS
+="759C0A4A39A02A079712FB5061B826E87A80C8D6 " #johnh
43 KEYS
+="CEA951DB865D0D257BB0A14DCEB69E6F9B36C195 " #andrew
44 KEYS
+="13A0851D6307FC54FCCB81BA2C1008316F3E89B7 " #donald
45 KEYS
+="EF6643D6E1F115D1A9B7D59C92D16583E1E7C532 " #jeanne
46 KEYS
+="04C45B4E3AF05E9EB140FD148B10E9C6407BD6E1 " #matt
47 KEYS
+="318C679D94F17700CC847DE646A70073E4E50D4E " #ruben
48 KEYS
+="0CCB3494C13CCD8F6EC73AA06DA6B7D151C7643E " #dana
49 KEYS
+="B125F60B7B287FF6A2B7DF8F170AF0E2954295DF " #ian
50 KEYS
+="ECE5B5BF952A3AEA92C137F9C9230A4849ACE0DB " #molly
51 KEYS
+="36C9950D2F68254ED89C7C03F9C13A10581AB853 " #craigt
52 KEYS
+="2C31130BF7D5A459AFF2A3F3C9DFFE4A33AA52D9 " #knauth
53 KEYS
+="43372794C8ADD5CA8FCFFA6CD03759DAB600E3C0 " #michael
54 KEYS
+="B102017CCF698F79423EF9CC069C04D206A59505 " #zoe
55 KEYS
+="7CCC7ECD3D78EB384F6C02C8966951617A149C73 " #gregf
56 KEYS
+="A8CAA4A2EB655D07BA1F367BC338CAA4FA700A3A" # oliva
59 rm -f /tmp
/keys.asc .
/fsf-keyring.gpg
67 gpg2
--export $KEYS > fsf-keyring.gpg
69 echo "Please verify in another terminal window that the keyring doesn't contain many spam signatures before signing:"
71 echo "gpg2 --no-default-keyring --keyring=./fsf-keyring.gpg --list-sigs | less"
73 echo "Press [enter] to continue."
76 gpg2
--sign .
/fsf-keyring.gpg
77 mv fsf-keyring.gpg.gpg fsf-keyring.gpg
78 rm -f fsf-keyring.gpg~