Get the Signing Key

'''This chapter is recommended for better security, but it is not strictly required.''' (See [[Trust]])

1. Download {{{fullname}}} OpenPGP key. {{{link}}}

Note: If {{project_name_short}} is already being used, this process can be simplified. See the footnotes. <ref>
Steps 1-3 can be completed with just one command.
{{CodeSelect|code=
gpg --import /usr/share/whonix/whonix-keys.d/derivative.asc
}}
</ref>

2. Store it as <code>{{{shortname}}}.asc</code>.

3. Import the key.

{{CodeSelect|code=
gpg --import {{{shortname}}}.asc
}}

4. Verify the key using this fingerprint.

{{CodeSelect|code=
gpg --fingerprint {{{longfingerprint}}}
}}

The output should show.

<!-- TODO: Fix code tags below for gpgfingerprintparam. Someone line newlines are broken. -->
{{CodeSelect|code=
{{{gpgfingerprintparam}}}
}}

5. This only retrieves the signing key from one source. For better security, [[Signing Key|learn more about the {{project_name_short}} Signing Key]].