GPG fails to verify clamav
Todd Zullinger
tmz at pobox.com
Mon Feb 5 06:19:44 CET 2007
Roy Carin wrote:
> I downloaded clamav 0.90rc3 from
> http://sourceforge.net/project/showfiles.php?group_id=86638&package_id=90197&release_id=483125
>
> I want to verify the integrity of the downloaded file. When I do
>
> gpg --keyserver random.sks.keyserver.penguin.de --verify
> clamav-0.90rc3.tar.gz.sig
>
> it fails, saying this:
>
>> gpg: Signature made Wed Jan 31 18:04:35 2007 CST using DSA key ID 985A444B
>> gpg: Can't check signature: public key not found
>
> René Berber, in message
> <http://article.gmane.org/gmane.comp.security.virus.clamav.user/24861/match=0+90rc3+sourceforge>
> , says that my GPG installation is broken.
>
> Can anyone tell me how I can fix it?
I think that the problem may be that you don't have the key on your
keyring already and you don't have the auto-key-retrieve keyserver
option enabled (it's not enabled by default). You can either enable
that option or import the key before verifying the signature (via a
keyserver webpage or using gpg --recv-key 985A444B).
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
======================================================================
What a terrible thing to have lost one's mind. Or not to have a mind
at all. How true that is.
-- Dan Quayle, speaking to the United Negro College Fund
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
Url : /pipermail/attachments/20070205/7ddee2b5/attachment.pgp
More information about the Gnupg-users
mailing list