New user problems please help
Werner Koch
wk at gnupg.org
Wed Mar 30 17:37:25 CEST 2005
On Tue, 29 Mar 2005 16:29:52 -0600, Steve M Fabac, said:
> gpg --verify gnupg-1.4.1.tar.gz.asc
> (after renaming gnupg-1.4.1.tar.gz.sig to
> gnupg-1.4.1.tar.gz.asc )
Out of curiosity, why did you rename it? Using .sig works just fine.
> gpg: Signature made Tue Mar 15 10:29:15 2005 CST using DSA key ID 57548DCD
> gpg: BAD signature from "Werner Koch (gnupg sig) <dd9jn at gnu.org>"
Someone modified the tarball! However, it is more likely that you had
a problem during download (e.g. not using binary mode).
Check the size:
4059170 Mar 15 17:11 gnupg-1.4.1.tar.gz
as well as the checksum
$ sha1sum gnupg-1.4.1.tar.gz
f8e982d5e811341a854ca9c15feda7d5aba6e09a gnupg-1.4.1.tar.gz
If the length does not match, you had a download problem: check local
diskspace as well as binary/ascii setting of the FTP client. If the
checksum matches and the signature does not, then there is a problem
with the .sig file.
> PS, I downloaded gnupg 1.2 pre-compiled and installed it and used it
> to run the gpg commands above.
And how did you make sure that this version has not been modified?
Salam-Shalom,
Werner
More information about the Gnupg-users
mailing list