Cannot validate Truecrypt signature using GNU Privacy Assistant

Tony Hamilton shaky.start at ntlworld.com
Wed Nov 10 14:57:24 CET 2010


I looked at the Ubuntu forums and find that the few posts that are
there, on problems when using GNU Privacy Assistant, have resulted in
zero replies. I would appreciate some advice from this mailing list as I
do not seem to be able to find a user guide for the GUI for GNUPA.

Firstly I am following the Truecrypt installation tutorial - on how to
verify PGP signatures. Truecrypt is not yet installed. That tutorial is
at http://www.truecrypt.org/docs/?s=digital-signatures

I have installed GNU Privacy Assistant on my Ubuntu 10.10 system. I have
created my own key. The first 5 steps at the above URL are completed. I
have signed the truecypt public key. I have downloaded the signature for
the latest Linux version of the truecrypt product

I am now trying to verify that signature using GNUPA - using either the
GUI or the command line; both fail, but with different error messages.
Please note, they do NOT state that the signature is invalid.

The GNUPA GUI approach can find the signature file; clicking on the
'check signature of selected file' icon results in the error message
"<fully qualified filename> No such file or directory".

Using the command <gpg --verify truecrypt-7.0a-linux-x86.tar.gz.sig>
results in the error messages "gpg: no signed data" and "gpg: can't hash
datafile: file open error"

Using the comand <gpg
--verify /Downloads/truecrypt-7.0a-linux-x86.tar.gz.sig> results in the
error messages "gpg: can't open
`/Downloads/truecrypt-7.0a-linux-x86.tar.gz.sig'" and "gpg: verify
signatures failed: file open error"


What am I doing wrong?




More information about the Gnupg-users mailing list