I'm running FreeBSD 9.0 and I've installed both pgp and gnupg. I've downloaded postfix-2.9.4.tar.gz, postfix-2.9.4.tar.gz.sig, wietse.pgp and I'm trying to verify the tarball signature.
I've taken the following steps (which I found at - http://www.itmission.org/Main/How-to-verify-signature-of-downloaded-source-file-with-gpg): gpg --import wietse.pgp file wietse.pgp wietse.pgp: PGP public key block gpg --list-keys /root/.gnupg/pubring.gpg ------------------------ pub 2048R/C12BCD99 2005-02-28 uid Wietse Venema <wie...@porcupine.org> pub 1022R/D5327CB9 1992-09-25 uid wietse venema <wie...@porcupine.org> uid wietse venema <wie...@wzv.win.tue.nl> gpg --verify postfix-2.9.4.tar.gz.sig postfix-2.9.4.tar.gz gpg: no valid OpenPGP data found. gpg: the signature could not be verified. Please remember that the signature file (.sig or .asc) should be the first file given on the command line. What am I doing wrong??? Thank you! Ed
