On Thu May 14 04:19 AM, Cláudio Vieira wrote:
Hello all,
Having discovered Adélie Linux very recently I became keen on
exploring it and joining the party!
Yay!
I was not able to find anywhere instructions on how to verify the
hashes and signatures of distribution files made available for
download.
You'll have to fiddle with importing the key and assigning an
appropriate trust to it, but once you do that:
gpg --verify filename.asc filename
Verifying the SHA hashes is no problem at all.
Verifying the PGP signatures requires the public key used for signing.
Which key is it (fingerprint)? Where to get it from?
It seems a lot of the public keyservers are having problems at the
moment, but these seem to work:
https://keys.openpgp.org/vks/v1/by-fingerprint/8CDC963983D4D5269348C1C7CB...
http://pool.sks-keyservers.net/key/0xCB29CB51922B9D14
I've also attached a copy. The fingerprint is
8CDC963983D4D5269348C1C7CB29CB51922B9D14.
I know how to do these verifications and will contribute to the
documentation by writing a section on this topic.
Please do! You can submit a merge request to our documentation project
(preferred) or try to add something to the wiki (though I think we would
need to manually approve your account).
Max