On 7/24/2020 5:50 PM, Semih Ozlem wrote:
On the web page
https://www.debian.org/CD/verify
I am trying to follow the next paragraph.
"To ensure that the checksums files themselves are correct, use GnuPG to
verify them against the accompanying signature files (e.g. SHA512SUMS.sign).
The keys used for these signatures are all in the Debian GPG keyring
<https://keyring.debian.org> and the best way to check them is to use that
keyring to validate via the web of trust."
when I run the command
gpg --verify SHAxSUM.sign SHAxSUM
I get a message saying that
Can't check signature: No public key
How should I proceed to get the necessary public key.
I tried following the link on this page to https://keyring.debian.org/
but I was not able to follow what to do. I tried simple copy and paste of
commands on this page, or their small variants, but was not able to get any
results.
Can someone help please
If you have internet access, give a shot to the below command:
$ gpg --keyserver-options auto-key-retrieve verify SHA512SUMS.sign
SHA512SUMS
Assuming that it works, the next command will be:
$ sha512sum --strict --ignore-missing -c SHA512SUMS
--
John Doe
