From 6a0d25e09c946008d0c7426b61cadb64273fd920 Mon Sep 17 00:00:00 2001 From: Patrick Date: Wed, 29 Apr 2026 22:10:15 +0000 Subject: [PATCH] Update README.md --- README.md | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index cf1884b..f6ad06c 100644 --- a/README.md +++ b/README.md @@ -4,21 +4,30 @@ Call Theory public keys for verification of signed containers from our container ## Call Theory SSH Public Key +Add to your `authorized_keys` file for the SSH user Call Theory uses to access your server(s). + - [calltheory.pub](calltheory.pub) -> Add to your `authorized_keys` file for the +--- -## Verifying Calltheory container images +## Call Theory Container Registry -All images published to `cr.calltheory.com/orbital/*` are signed with Cosign. +All images published to `cr.calltheory.com/orbital/*` are signed with [cosign](https://github.com/sigstore/cosign). ### Install cosign -```bash -curl -sSL -o /usr/local/bin/cosign \ - https://github.com/sigstore/cosign/releases/latest/download/cosign-linux-amd64 -chmod +x /usr/local/bin/cosign -``` +> You will need to install `cosign` first to validate our signed containers. More information can be found [here](https://github.com/sigstore/cosign). + +### Login to the Call Theory container registery + +Run `podman login cr.calltheory.com` (or `docker login cr.calltheory.com`) before trying to verify the signature on our containers. + +We will create and share a *"robot"* account with you for access: + +- Container registery username: `calltheory$orbital+yourcompany` +- Container registery password: `` + +Once you have logged in, you can verify signatures using [cosign.pub](cosign.pub), our public key. ### Get the public key