Re: [Rkhunter-users] Where is the public key for the .asc file
Brought to you by:
dogsbody
Menu
▾
▴
Re: [Rkhunter-users] Where is the public key for the .asc file
|
From: Andreiv <ni...@lu...> - 2008-07-28 17:36:23
|
On Monday 28 July 2008 19:07:31 un...@hu... wrote:
> On Mon, 28 Jul 2008 16:24:05 +0200 Andreiv <ni...@lu...>
>
> wrote:
> >There is a very weak association between the key id and rkhunter
>
> Apart from publishing the public part of the key, what can you
> recommend?
In text, the recommended verification method -- e.g.
# rkhunter releases are signed by rkh...@hu....
# you can verify an original release as follows:
gpg --keyserver subkeys.pgp.net --recv-keys 26447505
gpg --verify rkhunter-*.tar.gz.asc rkhunter-*.tar.gz
# If it says BAD signature, or something other than
# rkh...@hu..., then STOP
If you can attend a key signing party, you can sort out the trust part too -
but that might make the hushmail a bit pointless :)
|