###Release Setup
These setup steps only need to be performed on a particular machine once.
Developers using Linux workstations can skip over the references to Cygwin. If using Windows, install cygwin, including Utils/gnupg and Net/openssh packages.
####Create and install a SSH key
Follow the latest steps and guides on the ASF website as you should NOT be using SHA1 and new keys MUST be at least 4096 bits.
$ ssh-keygen -t rsa -b 4096
Program defaults should be fine. No passphrase is required for the ssh key generation. The keys will be saved in ~/.ssh/id_dsa (private) and ~/.ssh/id_dsa.pub (public).
See Authenticating By Public Key (OpenSSH) for a good description on why and how to perform this task.
$ cd ~/.ssh $ scp id_dsa.pub <your userid>@people.apache.org:id_dsa.pub $ You will be prompted for your password.
$ cd ~ $ ssh <your userid>@people.apache.org
At this point, you will still be prompted for your password.
$ mkdir ~/.ssh $ chmod 700 ~/.ssh
$ mv ~/id_dsa.pub ~/.ssh/authorized_keys $ chmod 600 ~/.ssh/authorized_keys
* *Each public key in the authorized_keys spans only one line. * For example: "ssh-dss AAAAB3NzaC1kc3MAAA ..... agBmmfZ9uAbSqA== dsa-key-20071107" * '#' in the first column is a comment line.*
$ ssh <userid>@people.apache.org
*If you are still prompted for a password, then you have not set up the ssh keys properly. Review the steps above and ensure that all of the steps were followed properly. Or, maybe the instructions are still not quite right and they still need some adjusting. In that case, please update the instructions accordingly.*
####Create a GPG key
$ gpg --gen-key
The program's default values should be fine. For the "Real Name" enter your full name (ie. Stan Programmer). For the "e-mail address" enter your apache address (ie. sprogrammer@apache.org). You will also be required to enter a "passphrase" for the GPG key generation. Keep track of this as you will need this for the Release processing.
$ gpg --list-sigs <Real Name> && gpg --armor -- export <Real Name>
*The [KEYS](https://svn.apache.org/repos/asf/incubator/streams/KEYS) file is updated via normal svn commit procedures. The one under w.a.o/dist/ has to be manually updated from svn.*
Following the instructions in http://people.apache.org/~henkp/trust/ and ask multiple (at least 3) current Apache committers to sign your public key.
####Configure Maven