- # or use https://git.cypherpunks.ru/git/gocheese.git
- $ git clone --depth 1 --branch v2.1.0 git://git.cypherpunks.ru/gocheese.git
- $ cd gocheese
- $ git tag --verify v2.1.0
- $ make
+Preferable way is to download tarball with the signature from
+website and, for example, run tests with benchmarks:
-gocheese binary and gocheese.info documentation should be built.
-Although you can also use:
+@verbatim
+$ [fetch|wget] http://gocheese.cypherpunks.ru/gocheese-2.2.0.tar.xz
+$ [fetch|wget] http://gocheese.cypherpunks.ru/gocheese-2.2.0.tar.xz.sig
+$ gpg --verify gocheese-2.2.0.tar.xz.sig gocheese-2.2.0.tar.xz
+$ xz -d < gocheese-2.2.0.tar.xz | tar xf -
+$ make -C gocheese-2.2.0 all test
+@end verbatim
- go get go.cypherpunks.ru/gocheese
-but neither PGP-based authentication is performed, nor documentation build.
+You have to verify downloaded tarballs integrity and authenticity to be
+sure that you retrieved trusted and untampered software. GNU Privacy
+Guard is used for that purpose.
For the very first time it is necessary to get signing public key and
-import it for verifying git's tag. Its fingerprint is:
+import it. It is provided below, but you should check alternative
+resources.
- CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF
+ pub rsa2048/0xCD5CD01F55343D88 2019-12-08 [SC]
+ 9B27640BA78437EC6D4ACA6CCD5CD01F55343D88
+ uid GoCheese releases <gocheese@cypherpunks.ru>
-You can locate it using:
+ Look in PUBKEY.asc file.
- $ gpg --auto-key-locate dane --locate-keys stargrave at stargrave dot org
- $ gpg --auto-key-locate wkd --locate-keys stargrave at stargrave dot org
- $ gpg --auto-key-locate wkd --locate-keys stargrave at gnupg dot net
+ $ gpg --auto-key-locate dane --locate-keys gocheese at cypherpunks dot ru
+ $ gpg --auto-key-locate wkd --locate-keys gocheese at cypherpunks dot ru