Can't verify key
George Sinclair
gsinclair@nodc.noaa.gov
Wed Feb 14 22:18:28 2001
Hello,
Perhaps I should e-mail the author on this one, but since this
involves signatures, and the signature is a PGP signature, I thought
I'd at least start here.
I'm running GnuPG version 1.0.4 on Solaris. I want to verify the
signature file (quintuple-agent-1.0.0.tar.gz.sig) for the new
quintuple agent (replaces secret-agent) gzip tarball file
(quintuple-agent-1.0.0.tar.gz) available from:
http://www.vibe.at/tools/secret-agent
but I receive the following message:
gpg --verify quintuple-agent-1.0.0.tar.gz.sig
gpg: Warning: using insecure memory!
gpg: Signature made Mon Feb 12 15:44:19 2001 EST using DSA key ID BC185AB3
gpg: Can't check signature: public key not found
I found the author's (Robert Bihlmeyer) public key (see below) from:
http://stud4.tuwien.ac.at/~e9426626/sig.html
I have no way to verify its validity, but I gotta start
somewhere. Anyway, I copied and pasted it to a file named 'robbe.key'
and then imported as:
gpg --import robbe.key
Key imports fine, but the above error is generated. Additionally, just
laughs, I also imported this into my PGP keyring (ver. 5.0), and it
generates the following error when verifying:
pgpv quintuple-agent-1.0.0.tar.gz.sig
This signature applies to another message
File to check signature against [quintuple-agent-1.0.0.tar.gz]:
Signature by unknown keyid: 0xBC185AB3
1. I realize this is a PGP signature, but can GnuPG 1.0.4 handle this,
and if not, what can I do?
2. If the public key I found is wrong, does anyone have the correct one?
3. If GnuPG can't work with this, and my version of PGP (5.0) won't,
does anyone have a checksum for the gzipped tarball that
they could provide to me as an additional corroborating piece of
evidence to ensure I have the right *untainted* file. Yes, I can
e-mail the author, but I'd like to have tertiary confirmation.
Thanks mucho!!!
George Sinclair } gsinclair@nodc.noaa.gov
PUBLIC KEY FOR Robert Bihlmeyer as copied and pasted from:
http://stud4.tuwien.ac.at/~e9426626/sig.html
Key for user ID: Robert Bihlmeyer <robbe@orcus.priv.at>
1001-bit key, Key ID F5B09AB5, created 1995/11/16
Also known as: Robert Bihlmeyer <robbe@orcus.ping.at>
Also known as: Robert Bihlmeyer <e9426626@student.tuwien.ac.at>
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2i
mQCLAjCrpfoAAAED6QHCamPMbTRmI3rt/UEwob5zcrTQdxNxD6bp5SAviwuuyg64
zhvwZJcTPS9taMTZvHWP3P4QZEMD68HOO0d1rkeTXLY7qeaYvf2is+QVx+zubeI2
uwQPgnZQjJpUkydC8dEoseGX2PnFjUNj6BjFbNiJ6M6OuGhPfuak9bCatQAFE7Qm
Um9iZXJ0IEJpaGxtZXllciA8cm9iYmVAb3JjdXMucHJpdi5hdD60JlJvYmVydCBC
aWhsbWV5ZXIgPHJvYmJlQG9yY3VzLnBpbmcuYXQ+iQCSAgUQMMFbZU9+5qT1sJq1
AQE6WAPorXofHvpDk4wY3bd/yaqqQZpyKl4as3iAJJUT8YaYd8pwgBkHlf4vzT0W
mA7bLx4YWWcJ8bu4m3vDscNiSewPmtu6M0o1lgWOrb5GFl4gujrleILmGZ6ooiVt
TbU7aKhn35GZgui+9cYRQGgVYKj86LyMEtXMkwBOVNxOoHS0MFJvYmVydCBCaWhs
bWV5ZXIgPGU5NDI2NjI2QHN0dWRlbnQudHV3aWVuLmFjLmF0Pg==
=4Kw7
-----END PGP PUBLIC KEY BLOCK-----