Re: [Clamav-users] Re: 0.90rc3 from Sourceforge: How do I use the .sig file?

Roy Carin Fri, 02 Feb 2007 21:37:55 -0800

On 02/02/2007 04:11 PM, René Berber wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Roy Carin wrote:

I just downloaded clamav 0.90rc3 from Sourceforge here:
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id=90197&release_id=483125

At first I though the .sig file was an md5-sum or sha1-sum, but it's
binary data. How do I use it to check the integrity of the tar file?


Use `gpg --verify clamav-0.90rc3.tar.gz.sig` (with the .tar.gz in the same
directory).

You may have to import the keys if you don't have a default key server, in such
cases I use: gpg --keyserver random.sks.keyserver.penguin.de --verify ...
- --
René Berber
[...]


Thanks René. This is what I get when I do that:

$ gpg --keyserver random.sks.keyserver.penguin.de
--verify  clamav-0.90rc3.tar.gz.sig
gpg: Signature made Wed Jan 31 18:04:35 2007 CST using DSA key ID 985A444B
gpg: Can't check signature: public key not found
$



--

Send instant messages to your online friends http://au.messenger.yahoo.com_______________________________________________

Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Re: 0.90rc3 from Sourceforge: How do I use the .sig file?

Reply via email to