1. Hash agreement 2. Encrypt with your private key (don't publish private key) If other people can decrypt ciphertext to hash of agreement, it is signed properly.
I don't understand either What agreement? But hey, let's be literal You need GnuPG keys for this. If you have none, create them: Code: gpg --gen-key If your system also has gpg2, use that instead. And in Tails, your keys won't be saved, unless you've created persistent storage on the USB drive. Anyway, then hash whatever you want to sign. For example: Code: $ echo "this agreement" | sha256sum 3ea126c0bb93e369e60b6834b2a1c9aae7a4c269a7eb1a249d5a702d9fbe94a9 - There are three options for signing: "-clearsign", "-sign", and "-detach-sign". The first produces readable text: Code: $ echo "3ea126c0bb93e369e60b6834b2a1c9aae7a4c269a7eb1a249d5a702d9fbe94a9" | gpg2 --clearsign You need a passphrase to unlock the secret key for user: "mirimir <mirimir@riseup.net>" 2048-bit RSA key, ID 17C2E43E, created 2013-02-03 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 3ea126c0bb93e369e60b6834b2a1c9aae7a4c269a7eb1a249d5a702d9fbe94a9 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJbLGQMAAoJEGINZVEXwuQ+6n4H/ixi3gLoVT1wooC0tlojEW34 a4EwxPsTFgK8jN7dFiIcp6SfMwEs0z6dg8LhdqQqP52+OsUUkr1eqF6puEylJGA5 f2QJdCVM6tEaFHV+sUZRAOH9kJ2V7UTzxIhTX3nnpCQTdXDzwVTa9dqkh8nn+vav NjnA9wfNIwZXnFy0SqkFRRTjVXDrsLRCs12aMSqg5l+MWit5EQ3gOCUNYYucQor3 5aEYst0ypMJr3Ptvv/KShL9DLMjoONNMby+HLKsugGeZHtJS+en7o4EvCrjjTQk7 /NqBEX3Qojf0mRXkazgPxgF6vPGenih4IQEanbepwloRqLjDhmN7eDl0WwfYv4c= =cvE0 -----END PGP SIGNATURE----- The others produce binary output: Code: $ echo "3ea126c0bb93e369e60b6834b2a1c9aae7a4c269a7eb1a249d5a702d9fbe94a9" | gpg2 --sign [This produces a binary version of the above.] Code: $ echo "3ea126c0bb93e369e60b6834b2a1c9aae7a4c269a7eb1a249d5a702d9fbe94a9" | gpg2 --detach-sign [This also produces binary output.]
I have created my keys. Here is what it says. Sign agreement with your pgp key by pasting it in the box below. What I thought it meant was just copy my pgp public key and paste it. Is that not what they means?
To sign something one needs to use private key. You should use you own software to sign something. Be aware that you must not publish your private key. Keep your private key secure. Do not paste it on any web page. Edit, added: Maybe there is a place for already signed agreement? Sign offline, then paste signed agreement.
@anaylor01 - What is the "agreement" that you keep mentioning? Is there some block of text like "This agreement says ..."? Or "You agree to ..."? Or is there an agreement file that you can download? I'm sure that you need to sign something, and paste the signature text in the box.
Ok. Word for word. Sign this agreement with your pgp key and paste to the box below Agreement text This su scription agreement is made and entered onto on 2018-06-22 User XXXXX, pgp fingerprint XXXXXXXXXXXXXXX, hereinafter the subscriber. Operator , pgp fingerprint XXXXXXXXXX. Then a bunch of rules. At the bottom. By signing with my pgp key, i certify that i have read the above information and agree to followrules applicable to my account. My signature certifies my understanding of and agreement with the above terms. Then anothet box that says Signed agreement text. Then a box youcan paste in.
Well, I'd say just copy the full agreement text, and save it as "agreement.txt". Then do this: Code: $ cat agreement.txt | gpg2 --clearsign But it sounds like there's some ambiguity about just exactly what block of text you need to sign. Maybe ask them?
