From 5f38ef1a02f45e5ef6bebe5468cb533f81c82a7f Mon Sep 17 00:00:00 2001 From: "Babak K. Shandiz" Date: Tue, 7 Apr 2026 22:13:06 +0100 Subject: [PATCH 1/3] docs: include PGP key fingerprints Signed-off-by: Babak K. Shandiz --- docs/install_linux.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/docs/install_linux.md b/docs/install_linux.md index 383616a46..1526f6b84 100644 --- a/docs/install_linux.md +++ b/docs/install_linux.md @@ -2,6 +2,13 @@ ## Recommended _(Official)_ +> [!IMPORTANT] +> All Linux packages and repository metadata are signed with the following PGP key fingerprints: +> - `2C6106201985B60E6C7AC87323F3D4EA75716059` +> - `7F38BBB59D064DBCB3D84D725612B36462313325` +> +> You may be prompted to confirm the import of these keys during installation. + ### Debian Debian packages are hosted on the [GitHub CLI marketing site](https://cli.github.com/) for various operating systems including: @@ -33,6 +40,13 @@ sudo apt update sudo apt install gh ``` +> [!TIP] +> To verify the imported PGP keys, you can run this and match the listed fingerprints with those at the top of this document: +> +> ```shell +> gpg --show-keys /etc/apt/keyrings/githubcli-archive-keyring.gpg +> ``` + ### RPM RPM packages are hosted on the [GitHub CLI marketing site](https://cli.github.com) for various operating systems including: @@ -46,6 +60,9 @@ RPM packages are hosted on the [GitHub CLI marketing site](https://cli.github.co These packages are supported by the GitHub CLI maintainers with updates powered by [GitHub CLI deployment workflow](https://github.com/cli/cli/actions/workflows/deployment.yml). +> [!TIP] +> During installation, you may be prompted to confirm the import of PGP keys. You can verify the keys with the list of fingerprints at the top of this document. + #### DNF5 > [!IMPORTANT] From 2eceb3908c73a4b33185367cef110e8857b34e73 Mon Sep 17 00:00:00 2001 
From: "Babak K. Shandiz" Date: Tue, 7 Apr 2026 22:21:26 +0100 Subject: [PATCH 2/3] docs: polish wording around PGP keys Signed-off-by: Babak K. Shandiz --- docs/install_linux.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/install_linux.md b/docs/install_linux.md index 1526f6b84..28848ae32 100644 --- a/docs/install_linux.md +++ b/docs/install_linux.md @@ -3,7 +3,7 @@ ## Recommended _(Official)_ > [!IMPORTANT] -> All Linux packages and repository metadata are signed with the following PGP key fingerprints: +> Our Linux packages and repository metadata are signed with the following PGP key fingerprints: > - `2C6106201985B60E6C7AC87323F3D4EA75716059` > - `7F38BBB59D064DBCB3D84D725612B36462313325` > @@ -41,7 +41,7 @@ sudo apt install gh ``` > [!TIP] -> To verify the imported PGP keys, you can run this and match the listed fingerprints with those at the top of this document: +> To verify downloaded PGP keys, you can run this and match the listed fingerprints with those at the top of this document: > > ```shell > gpg --show-keys /etc/apt/keyrings/githubcli-archive-keyring.gpg From 1f94ee4c58242a7bb9669d14fc4cb58efae3ee31 Mon Sep 17 00:00:00 2001 From: "Babak K. Shandiz" Date: Wed, 8 Apr 2026 13:06:01 +0100 Subject: [PATCH 3/3] docs: add manual PGP key verification commands Signed-off-by: Babak K. Shandiz --- docs/install_linux.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/docs/install_linux.md b/docs/install_linux.md index 28848ae32..99fb56c46 100644 --- a/docs/install_linux.md +++ b/docs/install_linux.md 
@@ -41,10 +41,10 @@ sudo apt install gh ``` > [!TIP] -> To verify downloaded PGP keys, you can run this and match the listed fingerprints with those at the top of this document: +> To verify PGP keys before installing `gh`, you can run this and match the listed fingerprints with those at the top of this document: > > ```shell -> gpg --show-keys /etc/apt/keyrings/githubcli-archive-keyring.gpg +> curl -fsSL -o - https://cli.github.com/packages/githubcli-archive-keyring.gpg | gpg --show-keys > ``` ### RPM @@ -62,6 +62,12 @@ These packages are supported by the GitHub CLI maintainers with updates powered > [!TIP] > During installation, you may be prompted to confirm the import of PGP keys. You can verify the keys with the list of fingerprints at the top of this document. +> +> To verify the PGP keys before installing `gh`, you can run the following command and match the listed fingerprints with those at the top of this document: +> +> ```shell +> curl -fsSL -o - https://cli.github.com/packages/githubcli-archive-keyring.asc | gpg --show-keys +> ``` #### DNF5
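Review bot: the fingerprint list added under `## Recommended _(Official)_` in PATCH 1/3 gives two fingerprints without saying what each key is for, so a reader who sees only one of them in `gpg --show-keys` output cannot tell whether that is expected. Suggest a short label on each bullet and a sentence stating whether both keys should be present in the downloaded keyring.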
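Review bot: the Debian tip line reworded in the second hunk of PATCH 2/3 (`To verify downloaded PGP keys, ...`) is rewritten again in PATCH 3/3, so the series touches the same sentence three times. Suggest squashing the wording changes into the patch that introduces the tip, leaving one commit for the fingerprints and one for the verification commands.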
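Review bot: the Debian tip in the first hunk of PATCH 3/3 now inspects a fresh download of `https://cli.github.com/packages/githubcli-archive-keyring.gpg` instead of the file at `/etc/apt/keyrings/githubcli-archive-keyring.gpg`, so the bytes the reader checks are not necessarily the bytes apt ends up trusting. Suggest either keeping the removed on-disk command next to the new one as a post-install check, or having the reader download to a file, run `gpg --show-keys` on that file, and install that same file. Two smaller points: `-o -` is redundant because curl already writes to stdout, and the sentence should say the output must contain only the fingerprints listed at the top of the document, since an extra key in the keyring would be trusted as well.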
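Review bot: the RPM tip in the second hunk of PATCH 3/3 presents two checks (the import prompt and the `curl ... | gpg --show-keys` command) without saying how they relate; the command fetches `githubcli-archive-keyring.asc` in a separate request, so it does not replace comparing the fingerprint shown in the import prompt. Suggest stating that the prompt comparison is still required even when the pre-install check passed. Style: the first sentence of the tip repeats `You may be prompted to confirm the import of these keys during installation.` from the top-level note, `you can run the following command` differs from the Debian tip's `you can run this`, and `-o -` can be dropped here too.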