11.5.1 Automated Upload Registration

Here is how to register your information so you can perform uploads for your GNU package:

1. Create an account for yourself at http://savannah.gnu.org, if you don’t already have one. By the way, this is also needed to maintain the web pages at http://www.gnu.org for your project (see Web Pages).
2. In the ‘My Account Conf’ page on savannah, upload the GPG key you will use to sign your packages. If you haven’t created one before, you can do so with the command gpg --gen-key (you can accept and/or confirm the default answers to its questions).

   Optional but recommended: Send your key to a GPG public key server: gpg --keyserver keys.gnupg.net --send-keys keyid, where keyid is the eight hex digits reported by gpg --list-public-keys on the pub line before the date. For full information about GPG, see http://www.gnu.org/software/gpg.

3. Compose a message with the following items in some msgfile. Then GPG-sign it by running gpg --clearsign msgfile, and finally email the resulting msgfile.asc to ftp-upload@gnu.org.
   1. Name of package(s) that you are the maintainer for, your preferred email address, and your Savannah username.
   2. An ASCII armored copy of your GPG key, as an attachment. (‘gpg --export -a your_key_id >mykey.asc’ should give you this.)
   3. A list of names and preferred email addresses of other individuals you authorize to make releases for which packages, if any (in the case that you don’t make all releases yourself).
   4. ASCII armored copies of GPG keys for any individuals listed in (3).

The administrators will acknowledge your message when they have added the proper GPG keys as authorized to upload files for the corresponding packages.

The upload system will email receipts to the given email addresses when an upload is made, either successfully or unsuccessfully.