The tails.sh script hardcodes the Tails gpg key, unfortunately, it needs to be refreshed, but since the signing key weights around ~1.5M, it doesn't seem practical to embed it in the script.
Maybe download it with wget https://tails.boum.org/tails-signing.key, import it into gpg, and hack something with git verify-tag?
jvoisin
commented
2 years ago
The tails.sh script hardcodes the Tails gpg key, unfortunately, it needs to be refreshed, but since the signing key weights around ~1.5M, it doesn't seem practical to embed it in the script.
Maybe download it with
wget https://tails.boum.org/tails-signing.key, import it into gpg, and hack something withgit verify-tag?