On Mon, 11 Jun 2018 20:07:38 -0700 HP Garcia <porta...@garlic.com> wrote:
> On Mon, 11 Jun 2018 10:39:29 +0200 > john doe <johndoe65...@mail.com> wrote: > > > On 6/11/2018 8:32 AM, john doe wrote: > > > On 6/11/2018 7:43 AM, HP Garcia wrote: > > >> I'm following the steps to verify kernel signatures using GNUpg. > > >> I'm following the directions from > > >> https://www.kernel.org/category/signatures.html. > > >> > > >> Where I am getting stumped is verifying the tar against the > > >> signature. > > >> > > >> linux-4.17 linux-4.17.tar linux-4.17.tar.sign > > >> root@Ultraman:/usr/src# gpg2 --verify linux-4.17.tar.sign > > >> gpg: assuming signed data in 'linux-4.17.tar' > > >> gpg: Signature made Sun 03 Jun 2018 02:35:54 PM PDT > > >> gpg: using RSA key 79BE3E4300411886 > > >> gpg: Can't check signature: No public key > > >> > > >> I tried several times trying to import keys belonging to Linus > > >> Torvalds and Greg Kroah-Hartman. Using this command: > > >> > > >> $ gpg2 --locate-keys torva...@kernel.org gre...@kernel.org > > >> > > >> I'm stumped. Am I missing something? > > >> > > > > > > Are the keys in your keyring?: > > > > > > $ gpg2 --list-keys > > > > > > Any errors when locating the keys? > > > > > > > If the keys are present in your keyring, the answer by Teemu > > Likonen <tliko...@iki.fi> is the next step to try. > > > > So it looks like I am missing the keyring application. > > -HP > Thanks everyone I finally got it to work. -HP
