> when I run the command > gpg --verify SHAxSUM.sign SHAxSUM > I get a message saying that > > Can't check signature: No public key You should have the needed key(s) in /etc/apt/trusted.gpg, but to be honest I don't know how to best pass those to GPG. Stefan