help-guix
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gpg --verify


From: Catonano
Subject: Re: gpg --verify
Date: Fri, 17 Feb 2017 14:14:03 +0100

2017-02-17 13:45 GMT+01:00 Ricardo Wurmus <address@hidden>:

Catonano <address@hidden> writes:

> $ ls
> Fedora-Workstation-25-1.3-x86_64-CHECKSUM
> Fedora-Workstation-Live-x86_64-25-1.3.iso
> guixsd-usb-install-0.12.0.x86_64-linux
> guixsd-usb-install-0.12.0.x86_64-linux.xz.sig

Looks like you’ve already unpacked the xz archive.  It should work fine
before unpacking.



Right, sorry for the noise

So, this is it now

$ gpg --verify guixsd-usb-install-0.12.0.x86_64-linux.xz.sig
gpg: i dati sono probabilmente firmati in "guixsd-usb-install-0.12.0.x86_64-linux.xz"
gpg: Firma eseguita in data mer 21 dic 2016 13:46:39 CET usando RSA, ID chiave 235FACAC
gpg: lookup_hashtable failed: eof
gpg: Firma valida da "rekado <address@hidden>"
gpg: lookup_hashtable failed: eof
gpg: ATTENZIONE: questa chiave non è certificata con una firma fidata.
gpg:          Non ci sono indicazioni che la firma appartenga al proprietario.
Impronta digitale chiave primaria: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC

There' s a warning

data probably signed in "guixsd-usb-install-0.12.0.x86_64-linux.xz"
...
this key is not certified with a trusted signature
There are no indications that the signature actually belongs to its owner

is this good enough ?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]