10:19 p.m.
Hello all,
Having discovered Adélie Linux very recently I became keen on exploring it and joining the
party!
I was not able to find anywhere instructions on how to verify the hashes and signatures of
distribution files made available for download.
Verifying the SHA hashes is no problem at all.
Verifying the PGP signatures requires the public key used for signing. Which key is it
(fingerprint)? Where to get it from?
I know how to do these verifications and will contribute to the documentation by writing a
section on this topic.
Regards,
Cláudio Vieira
11:09 a.m.
Hello Max,
Thank you for a fast reply. That was exactly the information I needed!
Verification of Adélie hashes and signatures was successful, as expected.
I have registered at code.foxkit.us and will submit a merge request shortly.
Regards,
Cláudio Vieira
On 14 May 2020, at 05:27, Max Rees <maxcrees(a)me.com> wrote:
On Thu May 14 04:19 AM, Cláudio Vieira wrote:
> Hello all,
>
> Having discovered Adélie Linux very recently I became keen on
> exploring it and joining the party!
Yay!
> I was not able to find anywhere instructions on how to verify the
> hashes and signatures of distribution files made available for
> download.
You'll have to fiddle with importing the key and assigning an
appropriate trust to it, but once you do that:
gpg --verify filename.asc filename
> Verifying the SHA hashes is no problem at all.
>
> Verifying the PGP signatures requires the public key used for signing.
> Which key is it (fingerprint)? Where to get it from?
It seems a lot of the public keyservers are having problems at the
moment, but these seem to work:
https://keys.openpgp.org/vks/v1/by-fingerprint/8CDC963983D4D5269348C1C7CB...
http://pool.sks-keyservers.net/key/0xCB29CB51922B9D14
I've also attached a copy. The fingerprint is
8CDC963983D4D5269348C1C7CB29CB51922B9D14.
> I know how to do these verifications and will contribute to the
> documentation by writing a section on this topic.
Please do! You can submit a merge request to our documentation project
(preferred) or try to add something to the wiki (though I think we would
need to manually approve your account).
Max
<awilcox.asc>_______________________________________________
Ad?lie Users mailing list -- adelie-users(a)lists.adelielinux.org
To unsubscribe send an email to adelie-users-leave(a)lists.adelielinux.org
11:27 p.m.
On Thu May 14 04:19 AM, Cláudio Vieira wrote:
Hello all,
Having discovered Adélie Linux very recently I became keen on
exploring it and joining the party!
Yay!
I was not able to find anywhere instructions on how to verify the
hashes and signatures of distribution files made available for
download.
You'll have to fiddle with importing the key and assigning an
appropriate trust to it, but once you do that:
gpg --verify filename.asc filename
Verifying the SHA hashes is no problem at all.
Verifying the PGP signatures requires the public key used for signing.
Which key is it (fingerprint)? Where to get it from?
It seems a lot of the public keyservers are having problems at the
moment, but these seem to work:
https://keys.openpgp.org/vks/v1/by-fingerprint/8CDC963983D4D5269348C1C7CB...
http://pool.sks-keyservers.net/key/0xCB29CB51922B9D14
I've also attached a copy. The fingerprint is
8CDC963983D4D5269348C1C7CB29CB51922B9D14.
I know how to do these verifications and will contribute to the
documentation by writing a section on this topic.
Please do! You can submit a merge request to our documentation project
(preferred) or try to add something to the wiki (though I think we would
need to manually approve your account).
Max
361
days inactive
362
days old
adelie-users@lists.adelielinux.org
2 comments
2 participants
participants (2)
-
Cláudio Vieira -
Max Rees