Recent Changes - Search:

Softwares

.

Main /

How-to-verify-signature-of-downloaded-source-file-with-gpg

  • Download PGP public key block, Signature and the software.tar.gz

http://archive.mgm51.com/mirrors/postfix-source/wietse.pgp

http://archive.mgm51.com/mirrors/postfix-source/official/postfix-2.6.5.tar.gz.sig

http://archive.mgm51.com/mirrors/postfix-source/official/postfix-2.6.5.tar.gz

  • Import the PGP public key block 
$ gpg --import wietse.pgp 
gpg: key C12BCD99: public key "Wietse Venema <[email protected]>" imported
gpg: key D5327CB9: public key "wietse venema <[email protected]>" imported
gpg: Total number processed: 2
gpg:               imported: 2  (RSA: 2)
gpg: no ultimately trusted keys found


:~/postfix$ file wietse.pgp
wietse.pgp: PGP public key block
  • List Keys 
:~/postfix$ gpg --list-keys
/home/jyothis/.gnupg/pubring.gpg
--------------------------------
pub   2048R/C12BCD99 2005-02-28
uid                  Wietse Venema <[email protected]>

pub   1022R/D5327CB9 1992-09-25
uid                  wietse venema <[email protected]>
uid                  wietse venema <[email protected]>
  • Verify Signature 
:~/postfix$ gpg --verify postfix-2.6.5.tar.gz.sig postfix-2.6.5.tar.gz
gpg: Signature made Sat Aug 29 00:50:08 2009 UTC using RSA key ID C12BCD99
gpg: Good signature from "Wietse Venema <[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: FF 96 4A 8C 96 88 7C 6E  A4 EF AD BF 48 34 E1 BB
:~/postfix$

Edit - History - Print - Recent Changes - Search
Page last modified on December 08, 2009, at 08:40 AM