Verify downloaded file with gnupg: Difference between revisions

Revision as of 16:54, 26 February 2011

Locate the downloaded file at another website:(1)file.tar.gz.sig (GPG security signature) (2)file.tar.gz (3)keys.txt (GPG public keys from the website owner who offered files file.tar.gz.sig & file.tar.gz)

C:\Program Files\GNU\GnuPG\
* gpg.exe
* file.tar.gz.sig                     
* file.tar.gz                         
* keys.txt

open the console window
1. cmd > C:\Program Files\GNU\GnuPG>gpg --import keys.txt
2. cmd > C:\Program Files\GNU\GnuPG>gpg --verify file.tar.gz.sig file.tar.gz

Expected result after executed --verify command:

gpg: Good signature from ...

I met the message "Can't check signature: public key not found" after I executed --verify command

Revision as of 15:53, 26 February 2011 (edit) Planetoid (talk \| contribs) m (→‎Ways on how to verify downloaded file with gnupg) ← Older edit		Revision as of 16:54, 26 February 2011 (edit) (undo) Planetoid (talk \| contribs) m (→‎Ways on how to verify downloaded file with gnupg) Newer edit →
Line 1:		Line 1:
	== ~~Ways on how~~ to verify downloaded file with gnupg ==		== Way to verify downloaded file with gnupg ==
	* Download and install [http://www.gnupg.org/download/ GnuPG 1.4.11 compiled for Microsoft Windows]([ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.11.exe download directly]).		* Download and install [http://www.gnupg.org/download/ GnuPG 1.4.11 compiled for Microsoft Windows]([ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32cli-1.4.11.exe download directly]).