Cannot validate Truecrypt signature using GNU Privacy Assistant

Doug Barton dougb at
Wed Nov 10 19:59:07 CET 2010

On 11/10/2010 05:57, Tony Hamilton wrote:

> Using the command<gpg --verify truecrypt-7.0a-linux-x86.tar.gz.sig>
> results in the error messages "gpg: no signed data" and "gpg: can't hash
> datafile: file open error"
> Using the comand<gpg
> --verify /Downloads/truecrypt-7.0a-linux-x86.tar.gz.sig>  results in the
> error messages "gpg: can't open
> `/Downloads/truecrypt-7.0a-linux-x86.tar.gz.sig'" and "gpg: verify
> signatures failed: file open error"
> What am I doing wrong?

For the first error you're not in the directory where the files are. For 
the second you gave a path that doesn't exist. I assume that you've 
actually downloaded both a source tarball (filename.tar.gz) and its 
associated signature (filename.tar.gz.sig). Open up a terminal, and use 
the command 'ls' (no quotes). You should see something like this 
(perhaps with other files and directories listed as well):

truecrypt-7.0a-linux-x64.tar.gz  truecrypt-7.0a-linux-x64.tar.gz.sig

If you don't see truecrypt related files, you're probably in your home 
directory, and the files were downloaded to Downloads, so do this: cd 

Now do ls again, and you should see the files. Now you can do: gpg 
--verify filename.tar.gz.sig and it should work.

Good luck,



	Nothin' ever doesn't change, but nothin' changes much.
			-- OK Go

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.  :)

More information about the Gnupg-users mailing list