[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Verifying GPG keys for Ubuntu install

To: tarsnap-users@tarsnap.com
Subject: Verifying GPG keys for Ubuntu install
From: Brian Foley <brianf@sindar.net>
Date: Fri, 21 Jan 2022 22:00:47 +0000

Hi All,

I am following these instructions to install tarsnap on ubuntu: https://www.tarsnap.com/pkg-deb.html

The instructions say:

gpg --list-packets tarsnap-deb-packaging-key.asc | grep signature

:signature packet: algo 1, keyid B364F774EAC3C4DF

:signature packet: algo 17, keyid 38CECA690C6A6A6E

The first keyid is the Tarsnap deb packaging key, while the second is Colin Percival's key (0x38CECA690C6A6A6E). These keyid values should match those on a public key server search for 0xB364F774EAC3C4DF.

However, when I perform the same steps I get:

gpg --list-packets tarsnap-deb-packaging-key.asc | grep signature

:signature packet: algo 1, keyid BF75EEAB040E447C

:signature packet: algo 17, keyid 38CECA690C6A6A6E

Has the tarsnap GPG key changed? If so, can the docs on the website be updated for clarity?

Thanks,

Brian

Follow-Ups:
- Re: Verifying GPG keys for Ubuntu install
  - From: Graham Percival <gperciva@tarsnap.com>

Prev by Date: Re: Getting rid of cruft... without the keyfile.
Next by Date: Re: Verifying GPG keys for Ubuntu install
Previous by thread: Getting rid of cruft... without the keyfile.
Next by thread: Re: Verifying GPG keys for Ubuntu install
Index(es):
- Date
- Thread