gpg: BAD signature from
Pete Stephenson
pete at heypete.com
Wed Dec 23 21:34:51 CET 2015
On Wed, Dec 23, 2015 at 1:14 PM, stevehendo34 <stevehendo34 at gmail.com> wrote:
> Downloaded armory-bin.tar.gz from arch AUR
>
> On Armory site they gave public key text in ASCII format.
> I saved it to armory_key.txt
> I imported this public key from armory_key.txt file to my key ring.
> gpg --list-keys
> pub rsa4096/98832223 2012-02-28
> uid [ unknown] Alan C. Reiner (Offline Signing Key)
> <alan at bitcoinarmory.com>
> uid [ unknown] Alan C. Reiner (Armory Signing Key)
> <etotheipi at gmail.com>
> uid [ unknown] Alan C. Reiner (Armory Signing Key)
> <alan.reiner at gmail.com>
> sub rsa4096/DE6B2D74 2012-02-28
> t
>
> The also gave signature in ascii and I saved that to armory_sig.txt
> gpg --verify armory_sig.txt armory-bin.tar.gz
> gpg: Signature made Sun Jun 7 20:46:36 2015 CDT using RSA key ID 98832223
> gpg: BAD signature from "Alan C. Reiner (Offline Signing Key)
> <alan at bitcoinarmory.com>" [unknown]
>
> The key ID 98832223 match whats on their site 0x98832223, and whats on my
> keyring, but
> Can you explain what the third line means why (BAD signature)?
>
> I am pretty much new to all this stuff!
Hi Steve,
Welcome!
The error means that the data you downloaded doesn't match the data
that was originally signed by the author. It's possible this could be
due to an error by the signer, a transmission error over the internet,
or intentional tampering.
Cheers!
-Pete
--
Pete Stephenson
More information about the Gnupg-users
mailing list