HP Garcia [2018-06-10 22:43:33-07] wrote:
> root@Ultraman:/usr/src# gpg2 --verify linux-4.17.tar.sign
> gpg: assuming signed data in 'linux-4.17.tar'
> gpg: Signature made Sun 03 Jun 2018 02:35:54 PM PDT
> gpg: using RSA key 79BE3E4300411886
^^^^^^^^^^^^^^^^
> gpg: Can't check signature: No public key
>
> I tried several times trying to import keys belonging to Linus Torvalds
> and Greg Kroah-Hartman. Using this command:
>
> $ gpg2 --locate-keys torva...@kernel.org gre...@kernel.org
Download the key that was used to sign the package: 79BE3E4300411886.
$ gpg2 --recv-key 79BE3E4300411886
Then the signature should verify nicely.
(Another question is the trust path from you or your key to the key that
was used to sign the package.)
--
/// Teemu Likonen - .-.. <https://keybase.io/tlikonen> //
// PGP: 4E10 55DC 84E9 DFF6 13D7 8557 719D 69D3 2453 9450 ///
signature.asc
Description: PGP signature
