[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: verify gpg sigs

To: Tim Morgan <tim@timmorgan.org>
Subject: Re: verify gpg sigs
From: Colin Percival <cperciva@tarsnap.com>
Date: Fri, 14 Aug 2009 08:47:49 -0700
Cc: tarsnap-users@tarsnap.com
In-reply-to: <efcb04aa0908140832g3becb8e3v6a102f39d624ab20@mail.gmail.com>
Mailing-list: contact tarsnap-users-help@tarsnap.com; run by ezmlm
References: <efcb04aa0908140822w39afe6b2y5d775934424b5789@mail.gmail.com> <efcb04aa0908140832g3becb8e3v6a102f39d624ab20@mail.gmail.com>

Tim Morgan wrote:
> OK, maybe I figured it out...
> 
> tim@link:~$ gpg tarsnap-sigs-1.0.25.asc
> gpg: Signature made Fri 10 Jul 2009 01:46:39 PM CDT using RSA key ID
> 3DD61E72
> gpg: Good signature from "Tarsnap source code signing key (Colin
> Percival) <cperciva@tarsnap.com <mailto:cperciva@tarsnap.com>>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
> owner.
> Primary key fingerprint: ADBD A177 656F D522 8E34  C456 56A4 286A 3DD6 1E72

That works.  Even better, if you run
$ gpg --decrypt tarsnap-sigs-1.0.25.asc
then gpg will output the signed text (i.e. "SHA256 (tarsnap-autoconf-1.0.25.tgz)
= 086787dd9d9985590c17848454e7b4e31327c3a70065c5f2611b1e0a1fddb087").

-- 
Colin Percival
Security Officer, FreeBSD | freebsd.org | The power to serve
Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid

References:
- verify gpg sigs
  - From: Tim Morgan <tim@timmorgan.org>
- Re: verify gpg sigs
  - From: Tim Morgan <tim@timmorgan.org>

Prev by Date: Re: verify gpg sigs
Next by Date: Problems running tarsnap-keygen
Previous by thread: Re: verify gpg sigs
Next by thread: Problems running tarsnap-keygen
Index(es):
- Date
- Thread