Re: gpgv: Can't check signature: public key not found

[Sven Joachim <svenjoac@gmx.de>]

On 2010-10-13 05:07 +0200, Kamaraju S Kusumanchi wrote:

> I am pretty sure this is a very trivial issue. But googling for the error 
> returns lot of hits none of which I find useful.
>
> I packaged a small program called lapack95. I uploaded the files to 
> sourceforge website after signing them ( 
> https://sourceforge.net/projects/sampleusage/files_beta/lapack95_deb/ ).
> The files in 3.0-2 version are signed, files in 3.0-1 version are not.
>
> I signed them using
> $ debsign -k8D556DA9 lapack95_3.0-2_i386.change
>
> However if I download the files back and do
>
> $ dpkg-source -x lapack95_3.0-2.dsc                                                                                                                                                
> gpgv: Signature made Tue 12 Oct 2010 10:01:24 PM EDT using DSA key ID 
> 8D556DA9
> gpgv: Can't check signature: public key not found
> dpkg-source: warning: failed to verify signature on ./lapack95_3.0-2.dsc
> dpkg-source: info: extracting lapack95 in lapack95-3.0
> dpkg-source: info: unpacking lapack95_3.0.orig.tar.gz
> dpkg-source: info: unpacking lapack95_3.0-2.debian.tar.gz
> dpkg-source: info: applying debian-changes-3.0-1
>
>
> What should I do to make dpkg-source recognize my keys? Should I add them to 
> somewhere?

Yes, export them to ~/.gnupg/trustedkeys.gpg.

Sven