Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

Digital sig doesn't verify

Help
Thomas
2006-02-02
2012-09-17
  • Thomas
    Thomas
    2006-02-02

    I'm moving to a new laptop (Windows XP Home Ed.) and have been transferring files, etc., all week. I'm not nearly a power user, but I am trying hard to retain some data security. I've installed GnuPG and tried to use it to validate the Password Safe binary (after having imported Rony Shapiro's Public Key). I got the following message:

    C:\Download>gpg --verify pwsafe-2.16.exe.sig pwsafe-2.16.exe
    gpg: no valid OpenPGP data found.
    gpg: the signature could not be verified.
    Please remember that the signature file (.sig or .asc)
    should be the first file given on the command line.

    Am I doing something wrong? Is the digital signature current? Thanks!

     
    • Rony Shapiro
      Rony Shapiro
      2006-02-03

      Hm,

      Works for me (see below). You might want to try "gpg --list-keys" to make sure that my public key is in your database:

      $ gpg --list-keys
      [...]
      pub 1024D/FA175557 2003-08-01 Rony Shapiro <ronys@users.sourceforge.net>
      sub 2048g/743C5431 2003-08-01
      [...]

      $ gpg --verify pwsafe-2.16.exe.sig pwsafe-2.16.exe
      gpg: Signature made Fri Jan 27 09:17:39 2006 JST using DSA key ID FA175557
      gpg: Good signature from "Rony Shapiro <ronys@users.sourceforge.net>"

      $ gpg --verify pwsafe-2.16.exe.sig
      gpg: Signature made Fri Jan 27 09:17:39 2006 JST using DSA key ID FA175557
      gpg: Good signature from "Rony Shapiro <ronys@users.sourceforge.net>"

      $ gpg pwsafe-2.16.exe.sig
      gpg: Signature made Fri Jan 27 09:17:39 2006 JST using DSA key ID FA175557
      gpg: Good signature from "Rony Shapiro <ronys@users.sourceforge.net>"

      Cheers,

        Rony