I ran the recv-key command again and got a message about "requesting key...from hkp server pool..." but then got "HTTP fetch error 7 couldn't connect: No error"
Any ideas? -----Original Message----- From: Doug Barton [mailto:dougb@dougbarton.email] Sent: Tuesday, March 17, 2015 3:28 PM To: Clark Rivard Cc: GnuPG Users Subject: Re: Copy Current GPG Installation to Another Server Please keep things on the list so that the most users can be helped. You need to run the --recv-key command first, or the --verify command will continue to fail. Try this: gpg --keyserver hkp://pool.sks-keyservers.net --recv-key 4F25E3B6 Doug On 3/17/15 1:23 PM, Clark Rivard wrote: > Doug > > I ran the verify command and then tried the recv-key command but it > came back with these messages > > "no keyserver known <use option --keyserver>" > "keyserver receive failed: bad URI" > > I looked up the keyserver option but don’t know what keyserver name to use? > > Thanks. > > > -----Original Message----- > From: Doug Barton [mailto:dougb@dougbarton.email] > Sent: Tuesday, March 17, 2015 3:07 PM > To: Clark Rivard > Subject: Re: Copy Current GPG Installation to Another Server > > You need to download the key referenced in the first message: > > gpg --recv-key 4F25E3B6 > > then do your verify command again: > > gpg --verify gnupg-w32cli-1.4.19.exe.sig gnupg-w32cli-1.4.19.exe > > and you should get a result like this: > > gpg: Signature made Fri Feb 27 00:55:58 2015 PST using RSA key ID > 4F25E3B6 > gpg: Good signature from "Werner Koch (dist sig)" [unknown] > gpg: WARNING: This key is not certified with a trusted signature! > gpg: There is no indication that the signature belongs to the > owner. > > You can safely ignore the warning, it simply means that you have not > validated the key yourself, which when it comes to signed packages is not > really a necessity. > > hope this helps, > > Doug > > > On 3/17/15 12:17 PM, Clark Rivard wrote: >> Thanks for your fast response, Doug. >> >> I am new to this so am struggling through for the first time. >> >> I downloaded Version 1.4.19 and am "Checking the Integrity". I have a >> version of gpg installed (by someone else a long time ago). >> I ran the "gpg" command to check whether the signature file matches >> the source file. I get two messages back >> >> "Signature made 02/27/15 03:55:58 using RSA key ID... >> "Can't check signature: public key not found" >> >> The ID shown with the first message is a valid ID for Werner Koch per the >> documentation I have. >> The second line confuses me - makes me wonder if the integrity has been >> checked. >> >> Has the integrity been properly checked or do I need to do more? Any help >> you can provide is much appreciated. >> >> Clark >> >> >> -----Original Message----- >> From: Doug Barton [mailto:dougb@dougbarton.email] >> Sent: Tuesday, March 17, 2015 1:16 PM >> To: Clark Rivard; gnupg-users@gnupg.org >> Subject: Re: Copy Current GPG Installation to Another Server >> >> On 3/17/15 7:23 AM, Clark Rivard wrote: >>> I currently have GPG 1.4.8 installed on a Windows server. Can the >>> c:\Programs Files (x86)\GNU\ directory simply be copied to another >>> server and used or do I need to go through the “download and >>> installation” process on the new server? Thanks. >> >> 1.4.8 is dangerously old. You should download the new version and install in >> both locations. >> >> ftp://ftp.gnupg.org/gcrypt/binary/ >> >> hope this helps, >> >> Doug >> > _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
