Re: Verifying Digital Signatures
- Date: Mon, 11 Jun 2018 10:39:29 +0200
- From: john doe <johndoe65534@xxxxxxxx>
- Subject: Re: Verifying Digital Signatures
On 6/11/2018 8:32 AM, john doe wrote:
On 6/11/2018 7:43 AM, HP Garcia wrote:
I'm following the steps to verify kernel signatures using GNUpg. I'm
following the directions from
Where I am getting stumped is verifying the tar against the signature.
linux-4.17 linux-4.17.tar linux-4.17.tar.sign
root@Ultraman:/usr/src# gpg2 --verify linux-4.17.tar.sign
gpg: assuming signed data in 'linux-4.17.tar'
gpg: Signature made Sun 03 Jun 2018 02:35:54 PM PDT
gpg: using RSA key 79BE3E4300411886
gpg: Can't check signature: No public key
I tried several times trying to import keys belonging to Linus Torvalds
and Greg Kroah-Hartman. Using this command:
$ gpg2 --locate-keys torvalds@xxxxxxxxxx gregkh@xxxxxxxxxx
I'm stumped. Am I missing something?
Are the keys in your keyring?:
$ gpg2 --list-keys
Any errors when locating the keys?
If the keys are present in your keyring, the answer by Teemu Likonen
<tlikonen@xxxxxx> is the next step to try.