verify TrueCrypt

Hubert Kario hubert at kario.pl
Wed Feb 22 11:41:20 CET 2012 

On Wednesday 22 of February 2012 10:15:50 Marco Dorigo wrote:
> Hi,
> 
> i have a problem verifying the truecrypt pgp-key. I searched the whole
> internet already for a solution and even the gnupg-lists archive...
> 
> I followed the howto on truecrypt
> (http://www.truecrypt.org/docs/?s=digital-signatures) up to step 6.
> However, the last one won't work. I'll try to verify with:
> 
> gpg --verify truecrypt-7.1a-linux-x64.tar.gz.sig
> truecrypt-7.1a-linux-x64.tar.gz
> 
> (I tried it already with every other combination I could imagine:
> 
> gpg --verify truecrypt-7.1a-linux-x64.tar.gz.sig
> TrueCrypt-Foundation-Public-Key.asc
> 
> etc...)
> 
> What I did so far is:
> 
> 1) Create a key with:
>     gpg --gen-key
> 
> 2) Download the public key of TrueCrypt from
> http://www.truecrypt.org/downloads2, change into the Downloads-directory
> and import the key with: gpg --import TrueCrypt-Foundation-Public-Key.asc
> 
> 3) Signing the key with my under 1) generated key:
>   gpg --edit-key F0D6B1E0
>   I set
> 
>   >trust
> 
>   to marginal (using choice number 3)
>   and then
> 
>   >sign
> 
>   I sign it with the above generated key and my password.
> 
> I think I did something wrong at this step!?
> 
> Because when I'm trying to verify it
> gpg --verify truecrypt-7.1a-linux-x64.tar.gz.sig
> truecrypt-7.1a-linux-x64.tar.gz it just says:
> gpg: verify signatures failed: eof
> 
> I hope that is enough information for solving my prob. Of course, I
> downloaded the tar.gz.sig file to the same directory...
> 
> Thanks in advance!
> 
> md

The truecrypt-7.1a-linux-x64.tar.gz.sig file is only 72 bytes long.

It may be because of long keys used by Arch developers, but all signature 
files I see are 287 bytes long.

I'd go and ask the developers directly.
-- 
Hubert Kario
hubert at kario.pl     kario at wit.edu.pl    https://hubert.kario.pl
PGP: 30D7 71F5 2F6F B157 872C  D811 A1D0 6BC9 8956 DCFE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20120222/ceed4773/attachment.pgp>

More information about the Gnupg-users mailing list