Helm/Sign

cat <<'EXE'| sudo bash
apt-get update;echo
mkdir -p /etc/apt/keyrings
apt list -a --upgradable;apt-get upgrade -y;echo
apt-get install -y apt-transport-https ca-certificates gnupg && apt-get clean
EXE

GnuPG » Batch » Config

export GPG_TTY=$(tty)
mkdir -p ${HOME}/.config/gnupg
echo -n 'Password: ';read -s PASSPHRASE;export PASSPHRASE;echo
# Password: sadaqah!

cat << CFG | tee ${HOME}/.config/gnupg/chorke.conf >/dev/null
%echo Generating a GPG key
Key-Type: RSA
Key-Length: 3072
Subkey-Type: RSA
Subkey-Length: 3072
Name-Real: Chorke Academia, Inc
Name-Email: info@chorke.org
Expire-Date: 1y
Passphrase: ${PASSPHRASE}
%commit
%echo Done
CFG

GnuPG » Generate » Keys

export GPG_TTY=$(tty)
echo -n 'Password: ';read -s PASSPHRASE;export PASSPHRASE;echo
# Password: sadaqah!

gpg --batch --generate-key ${HOME}/.config/gnupg/chorke.conf
gpg --output ${HOME}/.config/gnupg/chorke.asc --armor --export info@chorke.org
gpg --batch --yes --pinentry-mode loopback --passphrase ${PASSPHRASE} --output ${HOME}/.config/gnupg/chorke.key --armor --export-secret-key info@chorke.org

GnuPG » Key » Terminology

gpg --list-keys

gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2026-06-27
/home/shahed/.gnupg/pubring.kbx
-------------------------------
pub   rsa3072 2025-06-27 [SCEAR] [expires: 2026-06-27]
      C9C2EDE5CBCF39BF574B0B3175D4D308A1349F92
uid           [ultimate] Chorke Academia, Inc <info@chorke.org>
sub   rsa3072 2025-06-27 [SEA] [expires: 2026-06-27]

Key » Terminology
Field	Value	Meaning
Key ID	`A1349F92` (last 8 chars of fingerprint)	Short key ID
Long Key ID	`75D4D308A1349F92` (last 16 chars)	Long key ID
Fingerprint	`C9C2EDE5CBCF39BF574B0B3175D4D308A1349F92`	Full 40-char key fingerprint
Email/UID	`info@chorke.org`	Used to reference key

Key » How to Use
Use Case	Recommended Key Reference
Helm chart signing	`C9C2EDE5CBCF39BF574B0B3175D4D308A1349F92` (fingerprint)
GPG signing	`info@chorke.org` or `A1349F92`
Export key	`gpg --export A1349F92` or full fingerprint
Trust/verify (CI/CD)	Prefer full fingerprint to avoid collision risks

Playground

cat <<'CFG'| tee -a ${HOME}/.gnupg/gpg.conf >/dev/null
use-agent
pinentry-mode loopback
CFG

cat <<'CFG'| tee -a ${HOME}/.gnupg/gpg-agent.conf >/dev/null

allow-loopback-pinentry
CFG

gpgconf --kill gpg-agent
        file ${HOME}/.config/gnupg/chorke.asc
        file ${HOME}/.config/gnupg/chorke.key
gpg --import ${HOME}/.config/gnupg/chorke.key

References

Helm » Provenance Helm » Package Helm

Security » HTTP » Basic Authentication Security » OpenLDAP » BackSQL Security » Certificate » TLS Security » Certificate Security » Password Security » ZA Proxy Security » Domain Security » Spring Security » HTTP Security » Java	Security » SSH » Public Key Authentication Security » Container » Cosign Security » Container » Trivy Security » Container » Snyk

Kubernetes Multipass Minikube Podman Vagrant Docker Qemu Helm K9s K8s	LXC » Alpine » Apache » PHP LXC » Alpine » Nginx » PHP LXC » Logrotate » Redhat Terraform Proxmox Kubectl Ansible CIDR UFW LXC	PostgreSQL » PgBouncer PostgreSQL » PgLoader Docker/Compose/SFTP PostgreSQL Git

Helm/Sign

Contents

GnuPG » Batch » Config

GnuPG » Generate » Keys

GnuPG » Key » Terminology

Playground

References

Navigation menu

Helm/Sign

GnuPG » Batch » Config

GnuPG » Generate » Keys

GnuPG » Key » Terminology

Playground

References

Navigation menu

Search