Verify downloaded file with gnupg

From LemonWiki共筆

Revision as of 10:14, 26 February 2011 by Planetoid (talk | contribs) (Created page with "== Ways on how to verify downloaded file with gnupg == * Download and install [http://www.gnupg.org/download/ GnuPG 1.4.11 compiled for Microsoft Windows]([ftp://ftp.gnupg.org/g...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Ways on how to verify downloaded file with gnupg

Download and install GnuPG 1.4.11 compiled for Microsoft Windows(download directly).

Locate the downloaded file at another website:(1)file.tar.gz.sig (GPG security signature) (2)file.tar.gz (3)keys.txt (GPG public keys)

C:\Program Files\GNU\GnuPG\
* gpg.exe
* file.tar.gz.sig                     
* file.tar.gz                         
* keys.txt

open the console window
1. cmd > C:\Program Files\GNU\GnuPG>gpg --import keys.txt
2. cmd > C:\Program Files\GNU\GnuPG>gpg --verify file.tar.gz.sig file.tar.gz

Expected result after executed --verify command:

gpg: Good signature from ...

Troubleshooting

I met the message "Can't check signature: public key not found" after I executed --verify command

Solution: need to import the GPG public keys

Retrieved from "https://wiki.planetoid.info/index.php?title=Verify_downloaded_file_with_gnupg&oldid=9466"

Security