GPG fails to verify clamav

Mon Feb 5 06:12:26 CET 2007

On Sun, Feb 04, 2007 at 08:08:54PM -0600, Roy Carin wrote:
> I downloaded clamav 0.90rc3 from
> http://sourceforge.net/project/showfiles.php?group_id=86638&package_id=90197&release_id=483125
> 
> I want to verify the integrity of the downloaded file. When I do
> 
> gpg --keyserver random.sks.keyserver.penguin.de --verify 
> clamav-0.90rc3.tar.gz.sig
> 
> it fails, saying this:
> 
> > gpg: Signature made Wed Jan 31 18:04:35 2007 CST using DSA key ID 985A444B
> > gpg: Can't check signature: public key not found

Download the key 985A444B:

  gpg --keyserver random.sks.keyserver.penguin.de --recv-keys 985A444B

Then do the verify.

David