Skip to content

Instantly share code, notes, and snippets.

@ottosch

ottosch/verify-grapheneos-signature.md

Created February 10, 2025 23:16
Show Gist options
  • Save ottosch/4d255d887afa38a5113fb0ba82d56f5e to your computer and use it in GitHub Desktop.
Save ottosch/4d255d887afa38a5113fb0ba82d56f5e to your computer and use it in GitHub Desktop.
Download ZIP
How to verify GrapheneOS releases
Raw
verify-grapheneos-signature.md

Verifying GrapheneOS releases

Instructions taken from Obtaining Factory Images.

Get the signers' public keys

curl -O https://releases.grapheneos.org/allowed_signers

Alternative locations: Twitter / X and GitHub.

Content:

[email protected] ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIUg/m5CoP83b0rfSCzYSVA4cw4ir49io5GPoxbgxdJE

Verify with ssh-keygen

Example: Pixel 8A:

ssh-keygen -Y verify -f allowed_signers -I [email protected] -n "factory images" -s akita-install-2025020500.zip.sig <akita-install-2025020500.zip
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment