Baxi wrote: > Hi. I am trying to package a program. The upstream provided sha256sum.asc > file. Verifying tarball with that signature says, Can't check signature: No > public key. I found his public key in key directory by searching his email > and added that key. Now gpg says Bad signature from that person. Also > upstream didn't provide gpg keyring in his project. What should I do?
Please post URLs to the files so I can see what kind of signatures or checksums they actually contain. Björn Persson
pgpPcix9X57Ps.pgp
Description: OpenPGP digital signatur
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
