[nmglug] program signature unravel

Nick Frost nickf at frostitute.com
Sun Feb 6 14:46:21 PST 2011 

On Feb 6, 2011, at 3:28 PM, a wrote:

> Hi;
> Trying to unravel the the program signature, any obvious errors or
> suggestions?

If i am not mistaken this means you successfully imported Erinn  
Clark's key but the file you downloaded has a bad checksum because  
it's failing on the signature.  You could try downloading the .asc  
file and .gz files

> tor-browser-gnu-linux-x86_64-1.1.4-dev-en-US.tar.gz.asc tor-browser- 
> gnu-linux-x86_64-1.1.4-dev-en-US.tar.gz


  again and seeing if that cures the problem.

<hostname-computer-redacted>:Desktop nickf$ gpg --keyserver hkp:// 
keys.gnupg.net --recv-keys 0x63FEE659
gpg: requesting key 63FEE659 from hkp server keys.gnupg.net
gpg: key 63FEE659: public key "Erinn Clark <erinn at torproject.org>"  
imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2014-09-23
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
<hostname-computer-redacted>:Desktop nickf$ gpg --verify tor-browser- 
gnu-linux-x86_64-1.1.4-dev-en-US.tar.asc tor-brows
er-gnu-linux-x86_64-1.1.4-dev-en-US.tar.gz
gpg: Signature made Wed Jan 26 04:37:36 2011 MST using RSA key ID  
63FEE659
gpg: Good signature from "Erinn Clark <erinn at torproject.org>"
gpg:                 aka "Erinn Clark <erinn at debian.org>"
gpg:                 aka "Erinn Clark <erinn at double-helix.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the  
owner.
Primary key fingerprint: 8738 A680 B84B 3031 A630  F2DB 416F 0610 63FE  
E659
>
>
> a at desktop:~$ gpg --keyserver hkp://keys.gnupg.net --recv-keys  
> 0x63FEE659
> gpg: requesting key 63FEE659 from hkp server keys.gnupg.net
> gpg: key 63FEE659: "Erinn Clark <erinn at torproject.org>" not changed
> gpg: Total number processed: 1
> gpg:              unchanged: 1
> a at desktop:~$ gpg --fingerprint 63FEE659
> pub   2048R/63FEE659 2003-10-16
>      Key fingerprint = 8738 A680 B84B 3031 A630  F2DB 416F 0610 63FE
> E659
> uid                  Erinn Clark <erinn at torproject.org>
> uid                  Erinn Clark <erinn at debian.org>
> uid                  Erinn Clark <erinn at double-helix.org>
> sub   2048R/EB399FD7 2003-10-16
>
> a at desktop:~$  gpg
> --verify /home/a/Downloads/tor-browser-gnu-linux-x86_64-1.1.4-dev-en- 
> US.tar.gz.asc /home/a/Downloads/tor-browser-gnu-linux-x86_64-1.1.4- 
> dev-en-US.tar.gz
> gpg: Signature made Wed 26 Jan 2011 04:37:36 AM MST using RSA key ID
> 63FEE659
> gpg: BAD signature from "Erinn Clark <erinn at torproject.org>"
> a at desktop:~$
>
>
> _______________________________________________
> nmglug mailing list
> nmglug at lists.nmglug.org
> http://lists.nmglug.org/listinfo.cgi/nmglug-nmglug.org

---------------------------------------
Nicholas S. Frost
7 Avenida Vista Grande #325
Santa Fe, NM  87508
nickf at frostitute.com
----------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4372 bytes
Desc: not available
URL: <http://lists.nmglug.org/pipermail/nmglug-nmglug.org/attachments/20110206/96bbefd3/attachment.bin>

More information about the nmglug mailing list