Verify downloaded file with gnupg: Difference between revisions
Jump to navigation
Jump to search
| Line 2: | Line 2: | ||
* Download and install [http://www.gnupg.org/download/ GnuPG 1.4.11 compiled for Microsoft Windows]([ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.11.exe download directly]). | * Download and install [http://www.gnupg.org/download/ GnuPG 1.4.11 compiled for Microsoft Windows]([ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.11.exe download directly]). | ||
* Locate the downloaded file at another website:(1)file.tar.gz.sig (GPG security signature) (2)file.tar.gz (3)keys.txt ( | * Locate the downloaded file at another website:(1)file.tar.gz.sig (GPG security signature) (2)file.tar.gz (3)keys.txt (GPG public keys from the website owner who offered files file.tar.gz.sig & file.tar.gz) | ||
<pre> | <pre> | ||
C:\Program Files\GNU\GnuPG\ | C:\Program Files\GNU\GnuPG\ | ||
Revision as of 15:53, 26 February 2011
Ways on how to verify downloaded file with gnupg
- Download and install GnuPG 1.4.11 compiled for Microsoft Windows(download directly).
- Locate the downloaded file at another website:(1)file.tar.gz.sig (GPG security signature) (2)file.tar.gz (3)keys.txt (GPG public keys from the website owner who offered files file.tar.gz.sig & file.tar.gz)
C:\Program Files\GNU\GnuPG\ * gpg.exe * file.tar.gz.sig * file.tar.gz * keys.txt
- open the console window
- cmd > C:\Program Files\GNU\GnuPG>gpg --import keys.txt
- cmd > C:\Program Files\GNU\GnuPG>gpg --verify file.tar.gz.sig file.tar.gz
Expected result after executed --verify command:
gpg: Good signature from ...
Troubleshooting
I met the message "Can't check signature: public key not found" after I executed --verify command
- Solution: need to import the GPG public keys gpg --import keys.txt