verify gcc download
d.durham26 at yahoo.com
Tue Dec 22 15:46:39 CET 2009
I am trying to verify the download of a gcc-4.1.0.tar.bz2 file. I
also downloaded the corresponding gcc-4.1.0.tar.bz2.sig file. I have
tried gpg --verify gcc-4.1.0.tar.bz2.sig gcc-4.1.0.tar.bz2, but it says
"can't check signature, public key not found." Does this mean the file
has been verified, but just not the signature? The file at
ftp.gnu.org/MISSING-FILES.README says that all releases after 8-1-2003
will be signed by the gpg maintainer who prepared the release. Does
this mean I need to get the public keys of each maintainer for each
software release I download? If so, could you please tell me how and
where to get the appropriate public keys?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users