Menu
▾
▴
Re: [SD4L-user] Using .sig files
|
From: Hans-Ulrich J. <han...@t-...> - 2010-02-15 20:24:33
|
Hi Joanthan, yes the .sig files are detached pgp signatures. Using the command line they may be verified by gpg --verify <.sig file> when the signed file (the file without the .sig extension) is in the same folder as the signature file. Probably it suffices to click or double click the .sig file in your favorite file system browser. My pgp signing key which signs all SD4L packages is Ulrich Juettner (Scramdisk for Linux Signature Key) <han...@t-...> the fingerprint is 478E BB6C 740F 0C9D D6A2 95EC 51D3 2249 68CE D9BE. You may get the public key from the keyservers e.g. wwwkeys.pgp.net or keyserver.veridis.com Best regards Ulrich Jonathan Coles wrote: > Sorry if this is a really dumb newbie question, but ... > > how can I verify my downloaded packages using the .sig file? > > If gpg is to be used, I need your public key. Where would I get this? > > If that's not the right program, could you clue me in as to how to do this? > > Thanks. > > ------------------------------------------------------------------------------ > SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, > Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW > http://p.sf.net/sfu/solaris-dev2dev > _______________________________________________ > SD4L-user mailing list > SD4...@li... > https://lists.sourceforge.net/lists/listinfo/sd4l-user > |
