What to do at failed integrity check?
Steve Butler
sbutler at fchn.com
Mon Oct 3 22:31:35 CEST 2016
Go to any public key server and get that key ID.
However, before doing that, I'd first verify the checksum without using GnuPG. That process should also have been described on the download page.
-----Original Message-----
From: Gnupg-users [mailto:gnupg-users-bounces+sbutler=fchn.com at gnupg.org] On Behalf Of Simon Albrecht
Sent: Monday, October 03, 2016 6:36 AM
To: gnupg-users at gnupg.org
Subject: What to do at failed integrity check?
Hello everybody,
I’m having a problem getting GnuPG set up: I downloaded the tarball and signature (for v2.0.30), then did the integrity check as described on <https://www.gnupg.org/download/integrity_check.html> using the packaged version of GnuPG (1.4.something), and it failed with this message:
gpg: Signature made Do 31 Mär 2016 12:56:02 CEST using RSA key ID 4F25E3B6
gpg: Can't check signature: public key not found
I already tried getting the files from a mirror – same thing.
Now, the instructions on the linked webpage only say ‘the file should be treated suspiciously’. But what can I do now? Just use it anyway and hope it’s not a real problem?
Best regards,
Simon Albrecht
_______________________________________________
Gnupg-users mailing list
Gnupg-users at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
--
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential
and privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message.
More information about the Gnupg-users
mailing list