Checking SHA256SUMS against SHA256SUMS.sign .
Good time of the day.
I try to check live CDs SHA256SUMS against SHA256SUMS.sign:
under normal user:
gpg --verify SHA256SUMS.sign SHA256SUMS
gpg: directory `/home/__/gue/.gnupg' created
gpg: new configuration file `/home/__/gue/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/__/gue/.gnupg/gpg.conf' are not yet
active during this run gpg: keyring `/home/__/gue/.gnupg/pubring.gpg'
created gpg: Signature made Mon 17 Oct 2011 07:55:55 PM GMT-7 using RSA
key ID 6CA7B5A6 gpg: Can't check signature: public key not found
then by root user:
# gpg --recv-key --keyserver subkeys.pgp.net 6CA7B5A6 && gpg
--verify ./SHA256SUMS.sign gpg: requesting key 6CA7B5A6 from hkp server
subkeys.pgp.net gpg: key 6CA7B5A6: "Debian Live Signing Key
<debian-live@lists.debian.org>" not changed gpg: Total number
processed: 1 gpg: unchanged: 1
gpg: no signed data
gpg: can't hash datafile: file open error
Now, under normal user:
$ gpg --verify SHA256SUMS.sign SHA256SUMS
gpg: Signature made Mon 17 Oct 2011 07:55:55 PM GMT-7 using RSA key ID
6CA7B5A6 gpg: Good signature from "Debian Live Signing Key
<debian-live@lists.debian.org>" gpg: WARNING: This key is not certified
with a trusted signature! gpg: There is no indication that the
signature belongs to the owner. Primary key fingerprint: 696F 95F0 88E4
D359 947F 7AEB 6F95 B499 6CA7 B5A6
So, how I can fix these 2 errors:
"gpg: no signed data
gpg: can't hash datafile: file open error"
"gpg: WARNING: This key is not certified
with a trusted signature! gpg: There is no indication that the
signature belongs to the owner."
?
Thanks for Your time.
Reply to: