You are not logged in.

#1 2018-02-09 09:47:28

hamid
Member
Registered: 2018-02-09
Posts: 2

Verifying iso signature fails

Hello,

The following command to verify the signature of the Archlinux ISO image does not work.

$ gpg --keyserver-options auto-key-retrieve --verify archlinux-2018.02.01-x86_64.iso.sig
gpg: assuming signed data in 'archlinux-2018.02.01-x86_64.iso'
gpg: Signature made پنجشنبه ۰۱ فوریه ۱۸، ۲۱:
gpg:                using RSA key 7F2D434B9741E8AC
gpg: requesting key 7F2D434B9741E8AC from hkp server pool.sks-keyservers.net
gpg: Can't check signature: No public key

What is the problem?

Offline

#2 2018-02-09 10:31:10

Allan
Pacman
From: Brisbane, AU
Registered: 2007-06-09
Posts: 11,365
Website

Re: Verifying iso signature fails

Seems downloading the key failed.

Offline

#3 2018-02-09 17:27:53

hamid
Member
Registered: 2018-02-09
Posts: 2

Re: Verifying iso signature fails

Is this usual or on purpose?

Offline

#4 2018-02-09 17:48:17

progandy
Member
Registered: 2012-05-17
Posts: 5,184

Re: Verifying iso signature fails

It should work. Can you search or download the key manually? My keyserver is configured as hkps://hkps.pool.sks-keyservers.net and I can find the key.

$ gpg --search-key 7F2D434B9741E8AC
gpg: data source: https://[2a02:c205:3001:3626::1]:443
(1)	Pierre Schmitz <pierre@archlinux.de>
	  2048 bit RSA key 7F2D434B9741E8AC, created: 2011-04-10
Keys 1-1 of 1 for "7F2D434B9741E8AC".  Enter number(s), N)ext, or Q)uit > 1
gpg: key 7F2D434B9741E8AC: 28 signatures not checked due to missing keys
gpg: key 7F2D434B9741E8AC: public key "Pierre Schmitz <pierre@archlinux.de>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1

If you have arch already, then the key should be in the pacman keyring, so you could use

pacman-key --verify

Last edited by progandy (2018-02-09 17:48:55)


| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |

Offline

Board footer

Powered by FluxBB