Re: Verifying Digital Signatures

To: debian-user@lists.debian.org
Subject: Re: Verifying Digital Signatures
From: john doe <johndoe65534@mail.com>
Date: Mon, 11 Jun 2018 08:32:10 +0200
Message-id: <[🔎] 889f622e-548f-8f7a-7d0a-176e3d39b178@mail.com>
In-reply-to: <[🔎] 20180610224333.5a4d5c25@Ultraman.madgoat.net>
References: <[🔎] 20180610224333.5a4d5c25@Ultraman.madgoat.net>

On 6/11/2018 7:43 AM, HP Garcia wrote:

I'm following the steps to verify kernel signatures using GNUpg. I'm
following the directions from
https://www.kernel.org/category/signatures.html.

Where I am getting stumped is verifying the tar against the signature.

linux-4.17  linux-4.17.tar  linux-4.17.tar.sign
root@Ultraman:/usr/src# gpg2 --verify linux-4.17.tar.sign
gpg: assuming signed data in 'linux-4.17.tar'
gpg: Signature made Sun 03 Jun 2018 02:35:54 PM PDT
gpg:                using RSA key 79BE3E4300411886
gpg: Can't check signature: No public key

I tried several times trying to import keys belonging to Linus Torvalds
and Greg Kroah-Hartman. Using this command:

$ gpg2 --locate-keys torvalds@kernel.org gregkh@kernel.org

I'm stumped. Am I missing something?


Are the keys in your keyring?:

$ gpg2 --list-keys

Any errors when locating the keys?

--
John Doe

Reply to:

Follow-Ups:
- Re: Verifying Digital Signatures
  - From: deloptes <deloptes@gmail.com>
- Re: Verifying Digital Signatures
  - From: john doe <johndoe65534@mail.com>

References:
- Verifying Digital Signatures
  - From: HP Garcia <portamex@garlic.com>

Prev by Date: Re: Verifying Digital Signatures
Next by Date: Re: Verifying Digital Signatures
Previous by thread: Re: Verifying Digital Signatures
Next by thread: Re: Verifying Digital Signatures
Index(es):
- Date
- Thread