Hi. I am trying to package a program. The upstream provided sha256sum.asc file. Verifying tarball with that signature says, Can't check signature: No public key. I found his public key in key directory by searching his email and added that key. Now gpg says Bad signature from that person. Also upst
use sha256sum instead gpg?вс, 10 нояб. 2019 г., 9:17 Baxi <faezebax@riseup.net>:Hi. I am trying to package a program. The upstream provided sha256sum.asc file. Verifying tarball with that signature says, Can't check signature: No public key. I found his public key in key directory by se
That's right because I have a signature not a checksum. On Nov 10, 2019 10:19, Vascom wrote:It is about signatures, not checksums.вс, 10 нояб. 2019 г., 9:47 Baxi <faezebax@riseup.net>:I followed fedora source file verification and there was nothing about SHA checksum verification. Also
