Re: [Rkhunter-users] Where is the public key for the .asc file
Brought to you by:
dogsbody
From: Andreiv <ni...@lu...> - 2008-07-28 17:36:23
|
On Monday 28 July 2008 19:07:31 un...@hu... wrote: > On Mon, 28 Jul 2008 16:24:05 +0200 Andreiv <ni...@lu...> > > wrote: > >There is a very weak association between the key id and rkhunter > > Apart from publishing the public part of the key, what can you > recommend? In text, the recommended verification method -- e.g. # rkhunter releases are signed by rkh...@hu.... # you can verify an original release as follows: gpg --keyserver subkeys.pgp.net --recv-keys 26447505 gpg --verify rkhunter-*.tar.gz.asc rkhunter-*.tar.gz # If it says BAD signature, or something other than # rkh...@hu..., then STOP If you can attend a key signing party, you can sort out the trust part too - but that might make the hushmail a bit pointless :) |