Please keep things on the list so that the most users can be helped.
You need to run the --recv-key command first, or the --verify command
will continue to fail.
Try this:
gpg --keyserver hkp://pool.sks-keyservers.net --recv-key 4F25E3B6
Doug
On 3/17/15 1:23 PM, Clark Rivard wrote:
Doug
I ran the verify command and then tried the recv-key command but it came back
with these messages
"no keyserver known <use option --keyserver>"
"keyserver receive failed: bad URI"
I looked up the keyserver option but don’t know what keyserver name to use?
Thanks.
-----Original Message-----
From: Doug Barton [mailto:dougb@dougbarton.email]
Sent: Tuesday, March 17, 2015 3:07 PM
To: Clark Rivard
Subject: Re: Copy Current GPG Installation to Another Server
You need to download the key referenced in the first message:
gpg --recv-key 4F25E3B6
then do your verify command again:
gpg --verify gnupg-w32cli-1.4.19.exe.sig gnupg-w32cli-1.4.19.exe
and you should get a result like this:
gpg: Signature made Fri Feb 27 00:55:58 2015 PST using RSA key ID 4F25E3B6
gpg: Good signature from "Werner Koch (dist sig)" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the
owner.
You can safely ignore the warning, it simply means that you have not validated
the key yourself, which when it comes to signed packages is not really a
necessity.
hope this helps,
Doug
On 3/17/15 12:17 PM, Clark Rivard wrote:
Thanks for your fast response, Doug.
I am new to this so am struggling through for the first time.
I downloaded Version 1.4.19 and am "Checking the Integrity". I have a version
of gpg installed (by someone else a long time ago).
I ran the "gpg" command to check whether the signature file matches
the source file. I get two messages back
"Signature made 02/27/15 03:55:58 using RSA key ID...
"Can't check signature: public key not found"
The ID shown with the first message is a valid ID for Werner Koch per the
documentation I have.
The second line confuses me - makes me wonder if the integrity has been checked.
Has the integrity been properly checked or do I need to do more? Any help you
can provide is much appreciated.
Clark
-----Original Message-----
From: Doug Barton [mailto:dougb@dougbarton.email]
Sent: Tuesday, March 17, 2015 1:16 PM
To: Clark Rivard; gnupg-users@gnupg.org
Subject: Re: Copy Current GPG Installation to Another Server
On 3/17/15 7:23 AM, Clark Rivard wrote:
I currently have GPG 1.4.8 installed on a Windows server. Can the
c:\Programs Files (x86)\GNU\ directory simply be copied to another
server and used or do I need to go through the “download and
installation” process on the new server? Thanks.
1.4.8 is dangerously old. You should download the new version and install in
both locations.
ftp://ftp.gnupg.org/gcrypt/binary/
hope this helps,
Doug
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
