> On Jun 9, 2022, at 7:51 AM, Rick Hillegas <rick.hille...@gmail.com> wrote:
>
> Thanks for the quick response, Maxim.
>
> Yes, my credentials are in ~/.m2/settings.xml. Maven is able to upload
> artifacts and checksums, so the credentials are good. It's the gpg-signing
> bit that's broken.
>
> No, I can't ssh to repository.apache.org:
>
> mainline (17) > ssh rhille...@repository.apache.org
> rhille...@repository.apache.org: Permission denied (publickey)
Last I checked, the maven-gpg-plugin (which is what gets called under the hood,
IIRC) needs to be told which type of gpg you are using on some versions. So
you might need to configure it for your particular build environment. For
Apache Yetus, we setup a profile to do that:
https://github.com/apache/yetus/blob/fae6b390b06c0f1752fc15221cea4b9cdb7d44dc/pom.xml#L264
