[cfe-users] how to verify downloads without public key?

Larry Evans via cfe-users Fri, 12 Apr 2019 04:11:45 -0700

I've just downloaded:

http://releases.llvm.org/8.0.0/clang+llvm-8.0.0-x86_64-linux-gnu-ubuntu-18.04.tar.xz
http://releases.llvm.org/8.0.0/clang+llvm-8.0.0-x86_64-linux-gnu-ubuntu-18.04.tar.xz.sig


but when I tried to verify the download with:

gpg2 --verify clang+llvm-8.0.0-x86_64-linux-gnu-ubuntu-18.04.tar.xz.sigclang+llvm-8.0.0-x86_64-linux-gnu-ubuntu-18.04.tar.xz


I got:

gpg: enabled debug flags: memstat
gpg: Signature made Thu 21 Mar 2019 03:34:38 AM CDT
gpg:                using RSA key B6C8F98282B944E3B0D5C2530FC3042E345AD05D
gpg: Can't check signature: No public key

How can I verify the download without a public key?

-regards,
Larry

_______________________________________________
cfe-users mailing list
cfe-users@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-users

[cfe-users] how to verify downloads without public key?

Reply via email to