SUSEUnbound
Would you like to react to this message? Create an account in a few clicks or log in to continue.


 
HomeHome  PortalPortal  Latest imagesLatest images  SearchSearch  RegisterRegister  Log in  
openFate
Failed gpg signature verification Fatelogo_small openFATE - openSUSE feature tracking
Latest topics
» Difference between 42.2 and 42.1
Failed gpg signature verification Emptyby findoctr Thu Dec 15, 2016 7:53 pm

» openSUSE Leap 42.1 ?
Failed gpg signature verification Emptyby findoctr Fri Feb 05, 2016 8:09 pm

» Happy Turkey Day
Failed gpg signature verification Emptyby findoctr Thu Nov 26, 2015 1:45 pm

» Happy 4th of July!
Failed gpg signature verification Emptyby bozo Sat Jul 04, 2015 12:56 pm

» It's been a while ...
Failed gpg signature verification Emptyby bozo Mon Feb 23, 2015 8:34 pm

» Mondo chillers
Failed gpg signature verification Emptyby bozo Wed Feb 18, 2015 5:11 am

Navigation
 Portal
 Index
 Memberlist
 Profile
 FAQ
 Search
IRC Channel
You can also find us on IRC's freenode.net as #suseunbound.

 

 Failed gpg signature verification

Go down 
3 posters
AuthorMessage
Laz
Gecko
Laz


Posts : 201
Join date : 2012-06-13
Location : Delta BC

Failed gpg signature verification Empty
PostSubject: Failed gpg signature verification   Failed gpg signature verification EmptyMon Oct 22, 2012 7:18 pm

I have an interesting problem. Downloaded openSUSE 12.2 live cd. Both MD5 and SHA1 checksums matched. Thought I'd try the gpg signature as something new to me. These are the steps I took:
laz@linux-zl0u:~> cd Downloads

laz@linux-zl0u:~/Downloads> ls

openSUSE-12.2-GNOME-LiveCD-x86_64.iso
openSUSE-12.2-GNOME-LiveCD-x86_64.iso.asc

laz@linux-zl0u:~/Downloads> gpg -v --verify openSUSE-12.2-GNOME-LiveCD-x86_64.iso.asc openSUSE-12.2-GNOME-LiveCD-x86_64.iso

Version: GnuPG v1.0.7 (GNU/Linux)
gpg: armor header:
gpg: Signature made Thu 30 Aug 2012 03:11:40 AM PDT using RSA key ID 3DBDC284
gpg: Can't check signature: No public key

laz@linux-zl0u:~/Downloads> gpg --recv-key 3DBDC284

gpg: requesting key 3DBDC284 from hkp server keys.gnupg.net
gpg: /home/laszlo/.gnupg/trustdb.gpg: trustdb created
gpg: key 3DBDC284: public key "openSUSE Project Signing Key <opensuse@opensuse.org>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)

laz@linux-zl0u:~/Downloads> gpg --list-key 3DBDC284

pub 2048R/3DBDC284 2008-11-07 [expires: 2014-05-04]
uid openSUSE Project Signing Key <opensuse@opensuse.org>



It should be 22C0 7BA5 3417 8CD0 2EFE 22AA B88B 2FD4 3DBD C284 according to openSUSE.org page, but it isn't.
Can anyone tell me if I did something wrong, or if this is a bunged download?
Back to top Go down
bdquick
Admin
bdquick


Posts : 583
Join date : 2010-02-22
Age : 44
Location : Central Iowa

Failed gpg signature verification Empty
PostSubject: Re: Failed gpg signature verification   Failed gpg signature verification EmptyMon Oct 22, 2012 10:04 pm

I'm going to defer to others, because I have no idea about this.
Back to top Go down
bozo
Admin
bozo


Posts : 402
Join date : 2010-02-23
Location : Way out in the sticks in the Gold Country of California

Failed gpg signature verification Empty
PostSubject: Re: Failed gpg signature verification   Failed gpg signature verification EmptyTue Oct 23, 2012 1:55 pm

I have no real grasp of gpg, but I've never had much luck with it. I wouldn't think it's a bungled download since the checksums matched. I think it's just a problem with gpg finding the trusted keys. It might be set up overly cautious?

clown
Back to top Go down
Laz
Gecko
Laz


Posts : 201
Join date : 2012-06-13
Location : Delta BC

Failed gpg signature verification Empty
PostSubject: Re: Failed gpg signature verification   Failed gpg signature verification EmptyTue Oct 23, 2012 6:29 pm

bozo wrote:
I have no real grasp of gpg, but I've never had much luck with it. I wouldn't think it's a bungled download since the checksums matched. I think it's just a problem with gpg finding the trusted keys. It might be set up overly cautious?clown

I don't think it is really necessary to go through the gpg mess when downloading from the source, but it could be different with third party servers. In this example I was put off by the statement "no ultimately trusted keys found".
Following that, the hash did not match. I started over with a new download, and this time everything worked.
Don't ask me to explain how md5 and sha1 cheked ok whioe gpg did not, I don't hava a clue.

On the other hand, this pushed me to look into gpg a little further, and the result is a "how to" I'll be posting.
I realize that this move is akin to mooning a troop of archers, but it's a first for me.
Back to top Go down
bozo
Admin
bozo


Posts : 402
Join date : 2010-02-23
Location : Way out in the sticks in the Gold Country of California

Failed gpg signature verification Empty
PostSubject: Re: Failed gpg signature verification   Failed gpg signature verification EmptyWed Oct 24, 2012 12:58 am

I"ll be looking forward to seeing it. I always like it when someone else does the hard work for me! Smile

clown
Back to top Go down
Sponsored content





Failed gpg signature verification Empty
PostSubject: Re: Failed gpg signature verification   Failed gpg signature verification Empty

Back to top Go down
 
Failed gpg signature verification
Back to top 
Page 1 of 1

Permissions in this forum:You cannot reply to topics in this forum
SUSEUnbound :: Help Section :: General Help-
Jump to: