[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Tarball signatures

Subject: Re: Tarball signatures
From: Andreas Schneider <asn@xxxxxxxxxxxxxx>
Reply-to: libssh@xxxxxxxxxx
Date: Tue, 11 Jun 2013 09:34:33 +0200
To: libssh@xxxxxxxxxx
Cc: Jason Englander <jasoneng3@xxxxxxxxx>

On Monday 10 June 2013 20:16:50 Jason Englander wrote:
> Is it just me?  0.5.2 verifies OK, but 0.5.3 and 0.5.4 do not.
> 
> 
> $ gpg --verify libssh-0.5.2.tar.gz.asc
> gpg: Signature made Fri 16 Sep 2011 04:00:38 PM EDT using DSA key ID
> F33E3FC6
> gpg: Good signature from "Andreas Schneider <asn@xxxxxxxxxxxxxx>"
> gpg:                 aka "Andreas Schneider <asn@xxxxxxxxx>"
> gpg:                 aka "Andreas Schneider <asn@xxxxxxxxxxxx>"
> gpg:                 aka "Andreas 'GlaDiaC' Schneider <mail@xxxxxxxxxxxx>"
> gpg:                 aka "Andreas Schneider (Packman)
> <andreas@xxxxxxxxxxxxxx>"
> gpg:                 aka "Andreas 'GlaDiaC' Schneider
> <andreas.schneider@xxxxxxxxxxxxxxxx>"
> gpg:                 aka "Andreas 'GlaDiaC' Schneider (linux-gamers.net
> key) <andreas.schneider@xxxxxxxxxxxxxxxx>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
> owner.
> Primary key fingerprint: E707 38FE FDB2 95F2 20F3  B73D 7FDE 3E8F F33E
> 3FC6
> 
> 
> $ gpg --verify libssh-0.5.3.tar.asc libssh-0.5.3.tar.gz
> gpg: Signature made Tue 20 Nov 2012 06:43:41 AM EST using DSA key ID
> F33E3FC6
> gpg: BAD signature from "Andreas Schneider <asn@xxxxxxxxxxxxxx>"

The file name is libssh-0.5.3.tar.asc so you have to verify libssh-0.5.3.tar 
which means you need to unzip the gzip file ...


	-- andreas

-- 
Andreas Schneider                   GPG-ID: F33E3FC6
www.cryptomilk.org                asn@xxxxxxxxxxxxxx

Follow-Ups:
Re: Tarball signatures	Jason Englander <jasoneng3@xxxxxxxxx>

References:
Tarball signatures	Jason Englander <jasoneng3@xxxxxxxxx>

Archive administrator: postmaster@lists.cynapses.org