Copy Current GPG Installation to Another Server
CRivard at merkleinc.com
Tue Mar 17 21:42:48 CET 2015
I ran the recv-key command again and got a message about "requesting key...from hkp server pool..." but then got "HTTP fetch error 7 couldn't connect: No error"
From: Doug Barton [mailto:dougb at dougbarton.email]
Sent: Tuesday, March 17, 2015 3:28 PM
To: Clark Rivard
Cc: GnuPG Users
Subject: Re: Copy Current GPG Installation to Another Server
Please keep things on the list so that the most users can be helped.
You need to run the --recv-key command first, or the --verify command will continue to fail.
gpg --keyserver hkp://pool.sks-keyservers.net --recv-key 4F25E3B6
On 3/17/15 1:23 PM, Clark Rivard wrote:
> I ran the verify command and then tried the recv-key command but it
> came back with these messages
> "no keyserver known <use option --keyserver>"
> "keyserver receive failed: bad URI"
> I looked up the keyserver option but don’t know what keyserver name to use?
> -----Original Message-----
> From: Doug Barton [mailto:dougb at dougbarton.email]
> Sent: Tuesday, March 17, 2015 3:07 PM
> To: Clark Rivard
> Subject: Re: Copy Current GPG Installation to Another Server
> You need to download the key referenced in the first message:
> gpg --recv-key 4F25E3B6
> then do your verify command again:
> gpg --verify gnupg-w32cli-1.4.19.exe.sig gnupg-w32cli-1.4.19.exe
> and you should get a result like this:
> gpg: Signature made Fri Feb 27 00:55:58 2015 PST using RSA key ID
> gpg: Good signature from "Werner Koch (dist sig)" [unknown]
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg: There is no indication that the signature belongs to the
> You can safely ignore the warning, it simply means that you have not validated the key yourself, which when it comes to signed packages is not really a necessity.
> hope this helps,
> On 3/17/15 12:17 PM, Clark Rivard wrote:
>> Thanks for your fast response, Doug.
>> I am new to this so am struggling through for the first time.
>> I downloaded Version 1.4.19 and am "Checking the Integrity". I have a version of gpg installed (by someone else a long time ago).
>> I ran the "gpg" command to check whether the signature file matches
>> the source file. I get two messages back
>> "Signature made 02/27/15 03:55:58 using RSA key ID...
>> "Can't check signature: public key not found"
>> The ID shown with the first message is a valid ID for Werner Koch per the documentation I have.
>> The second line confuses me - makes me wonder if the integrity has been checked.
>> Has the integrity been properly checked or do I need to do more? Any help you can provide is much appreciated.
>> -----Original Message-----
>> From: Doug Barton [mailto:dougb at dougbarton.email]
>> Sent: Tuesday, March 17, 2015 1:16 PM
>> To: Clark Rivard; gnupg-users at gnupg.org
>> Subject: Re: Copy Current GPG Installation to Another Server
>> On 3/17/15 7:23 AM, Clark Rivard wrote:
>>> I currently have GPG 1.4.8 installed on a Windows server. Can the
>>> c:\Programs Files (x86)\GNU\ directory simply be copied to another
>>> server and used or do I need to go through the “download and
>>> installation” process on the new server? Thanks.
>> 1.4.8 is dangerously old. You should download the new version and install in both locations.
>> hope this helps,
More information about the Gnupg-users