From Fedora Project Wiki
signing notes
$ sigul --help-commands delete-key Delete a key modify-key-user Modify user's key access list-users List users grant-key-access Grant key access to a user sign-text Output a cleartext signature of a text import-key Import a key new-user Add a user sign-rpm Sign a RPM list-keys List keys sign-data Create a detached signature revoke-key-access Revoke key acess from a user user-info Show information about a user change-passphrase Change key passphrase list-key-users List users that can access a key new-key Add a key modify-user Modify a user sign-rpms Sign one or more RPMs modify-key Modify a key delete-user Delete a user key-user-info Show information about user's key access get-public-key Output public part of the key
- Adding passphrase to signing key.
NSS_HASH_ALG_SUPPORT=+MD5 sigul --verbose --user-name=parasense change-passphrase epel-7
- Inspecting the NSS database
$ certutil -K -d ~/.sigul certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services" Enter Password or Pin for "NSS Certificate DB": < 0> rsa ... <REDACTED> ... sigul-client-cert < 1> rsa ... <REDACTED> ... sigul-client-cert