English Russian
[[!meta title="Install Tails from Debian or Ubuntu using the command line and GnuPG"]]
[[!meta stylesheet="inc/stylesheets/expert" rel="stylesheet" title=""]]
<h1 id="verify-key" class="step">Verify the Tails signing key</h1>
<p>If you already certified the Tails signing key with your own key, you
can skip this step and start [[downloading and verifying the USB
In this step, you will download and verify the *Tails signing key* which is the OpenPGP key that is used to cryptographically sign the Tails USB image.
<div class="note">
<p>To follow these instructions you need to have your own OpenPGP
<p>To learn how to create yourself an OpenPGP key, see
<a href="https://riseup.net/en/security/message-security/openpgp/gpg-keys">Managing
OpenPGP Keys</a> by <em>Riseup</em>.</p>
This verification technique uses the OpenPGP Web of Trust and the certification made by official Debian developers on the Tails signing key.
Import the Tails signing key in your <span class="application">GnuPG</span> keyring:
wget https://tails.net/tails-signing.key
gpg --import < tails-signing.key
Install the Debian keyring. It contains the OpenPGP keys of all Debian developers:
sudo apt update && sudo apt install debian-keyring
Import the OpenPGP key of [[!wikipedia Chris_Lamb_(software_developer) desc="Chris Lamb"]], a former Debian Project Leader, from the Debian keyring into your keyring:
gpg --keyring=/usr/share/keyrings/debian-keyring.gpg --export chris@chris-lamb.co.uk | gpg --import
Verify the certifications made on the Tails signing key:
gpg --keyid-format 0xlong --check-sigs A490D0F4D311A4153E2BB7CADBB802B258ACD84F
In the output of this command, look for the following line:
sig! 0x1E953E27D4311E58 2020-03-19 Chris Lamb <chris@chris-lamb.co.uk>
Here, <code>sig!</code>, with an exclamation mark, means that Chris
Lamb verified and certified the Tails signing key with his key.