Go to any public key server and get that key ID.

However, before doing that, I'd first verify the checksum without using GnuPG.  
That process should also have been described on the download page.



-----Original Message-----
From: Gnupg-users [mailto:gnupg-users-bounces+sbutler=fchn....@gnupg.org] On 
Behalf Of Simon Albrecht
Sent: Monday, October 03, 2016 6:36 AM
To: gnupg-users@gnupg.org
Subject: What to do at failed integrity check?

Hello everybody,

I’m having a problem getting GnuPG set up: I downloaded the tarball and 
signature (for v2.0.30), then did the integrity check as described on 
<https://www.gnupg.org/download/integrity_check.html> using the packaged 
version of GnuPG (1.4.something), and it failed with this message:

gpg: Signature made Do 31 Mär 2016 12:56:02 CEST using RSA key ID 4F25E3B6
gpg: Can't check signature: public key not found

I already tried getting the files from a mirror – same thing.

Now, the instructions on the linked webpage only say ‘the file should be 
treated suspiciously’. But what can I do now? Just use it anyway and hope it’s 
not a real problem?

Best regards,
Simon Albrecht

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

-- 
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, 
is for the sole use of the intended recipient(s) and may contain 
confidential 
and privileged information. Any unauthorized review, use, disclosure or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to