Verify downloaded file with gnupg: Difference between revisions
Jump to navigation
Jump to search
(→further reading: + Calculate the md5 hash) |
|||
| (6 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
== | == Way to verify downloaded file with gnupg == | ||
* Download and install [http://www.gnupg.org/download/ GnuPG 1.4.11 compiled for Microsoft Windows]([ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.11.exe download directly]). | * Download and install [http://www.gnupg.org/download/ GnuPG 1.4.11 compiled for Microsoft Windows]([ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.11.exe download directly]). | ||
* Locate the downloaded file at another website:(1)file.tar.gz.sig (GPG security signature) (2)file.tar.gz (3)keys.txt (GPG public keys) | * Locate the downloaded file at another website:(1)file.tar.gz.sig (GPG security signature) (2)file.tar.gz (3)keys.txt (GPG public keys from the website owner who offered files file.tar.gz.sig & file.tar.gz) | ||
<pre> | <pre> | ||
C:\Program Files\GNU\GnuPG\ | C:\Program Files\GNU\GnuPG\ | ||
| Line 17: | Line 17: | ||
Expected result after executed --verify command: | Expected result after executed --verify command: | ||
gpg: Good signature from ... | gpg: Good signature from ... | ||
== Troubleshooting == | == Troubleshooting == | ||
| Line 26: | Line 25: | ||
== further reading == | == further reading == | ||
* [http://www.gnupg.org/docs.html GnuPG documentation] | * [http://www.gnupg.org/docs.html GnuPG documentation] | ||
* {{Mac}} [http://notepad2.blogspot.tw/2012/07/mac-os-x-how-to-generate-md5-sha1.html Mac OS X: how to generate md5 sha1 sha256 checksums from command line] | |||
* related terms: MD5 or SHA1 Checksum | |||
"Calculate the md5 hash of a string" | |||
* [https://www.php.net/manual/en/function.md5.php PHP: md5 - Manual] | |||
* [https://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html MySQL :: MySQL 5.5 Reference Manual :: 12.13 Encryption and Compression Functions] | |||
[[Category:Security]] | [[Category:Security]] [[Category:Software]] | ||
Latest revision as of 14:33, 19 July 2019
Way to verify downloaded file with gnupg[edit]
- Download and install GnuPG 1.4.11 compiled for Microsoft Windows(download directly).
- Locate the downloaded file at another website:(1)file.tar.gz.sig (GPG security signature) (2)file.tar.gz (3)keys.txt (GPG public keys from the website owner who offered files file.tar.gz.sig & file.tar.gz)
C:\Program Files\GNU\GnuPG\ * gpg.exe * file.tar.gz.sig * file.tar.gz * keys.txt
- open the console window
- cmd > C:\Program Files\GNU\GnuPG>gpg --import keys.txt
- cmd > C:\Program Files\GNU\GnuPG>gpg --verify file.tar.gz.sig file.tar.gz
Expected result after executed --verify command:
gpg: Good signature from ...
Troubleshooting[edit]
I met the message "Can't check signature: public key not found" after I executed --verify command
- Solution: need to import the GPG public keys gpg --import keys.txt
further reading[edit]
- GnuPG documentation
- macOS
Mac OS X: how to generate md5 sha1 sha256 checksums from command line - related terms: MD5 or SHA1 Checksum
"Calculate the md5 hash of a string"