LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
LinkBack Search this Thread
Old 03-14-2013, 11:41 AM   #1
cfdisk
Member
 
Registered: May 2011
Location: Philadelphia, PA
Distribution: Slackware 13.37
Posts: 88

Rep: Reputation: 15
PGP reads bad signature from SlackBuilds.org


Hello,

I can't verify pwgen signature from SlackBuilds

Code:
[mike:~/build]$ gpg pwgen.tar.gz.asc 
Detached signature.
Please enter name of data file: pwgen-2.06.tar.gz 
gpg: Signature made Wed 27 Apr 2011 07:05:54 PM EDT using DSA key ID 9C7BA3B6
gpg: BAD signature from "SlackBuilds.org Development Team <slackbuilds-devel@slackbuilds.org>"
I checked it twice and I guess there was no mistakes on my side because another script, fakeroot, verifies:
Code:
[mike:~/build]$ gpg fakeroot.tar.gz.asc 
gpg: Signature made Wed 27 Apr 2011 07:15:45 PM EDT using DSA key ID 9C7BA3B6
gpg: Good signature from "SlackBuilds.org Development Team <slackbuilds-devel@slackbuilds.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: D307 6BC3 E783 EE74 7F09  B8B7 0368 EF57 9C7B A3B6
Just in case, this is my folder:
Code:
[mike:~/build]$ ls -l                         
total 48
-rw-r--r-- 1 mike users  2370 Feb  6  2007 GPG-KEY
-rw-r--r-- 1 mike users  2488 Mar 14 11:22 fakeroot.tar.gz
-rw-r--r-- 1 mike users   198 Apr 27  2011 fakeroot.tar.gz.asc
-rw-r--r-- 1 mike users 30952 Mar 14 11:50 pwgen-2.06.tar.gz
-rw-r--r-- 1 mike users   198 Apr 27  2011 pwgen.tar.gz.asc
Could you please look into the matter?


Thanks in advance.


M.
 
Old 03-14-2013, 11:47 AM   #2
T3slider
Senior Member
 
Registered: Jul 2007
Distribution: Slackware64-14.0
Posts: 2,231

Rep: Reputation: 573Reputation: 573Reputation: 573Reputation: 573Reputation: 573Reputation: 573
I'm no expert, but I believe you are trying to manually use the pwgen.tar.gz.asc file to verify the *source* pwgen-2.06.tar.gz file since the SBo pwgen.tar.gz file is missing. SBo's signatures verify the SlackBuild tarballs, not the source (the source is indirectly verified by the md5sum contained in the verified SlackBuild tarball, in the pwgen.info file). Download the correct file and re-verify and it should all work out.
 
1 members found this post helpful.
Old 03-14-2013, 11:54 AM   #3
cfdisk
Member
 
Registered: May 2011
Location: Philadelphia, PA
Distribution: Slackware 13.37
Posts: 88

Original Poster
Rep: Reputation: 15
Thanks, T3slider!

You are right.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
check software with PGP signature said76 Linux - Newbie 1 12-10-2012 05:19 AM
Fedora Core 3: Need to Install org-x11-devel ( error:...Header...signature, BAD... ) downplay Fedora 2 03-04-2009 02:40 PM
Use SlackBuilds.org or my own hosting to offer up SlackBuilds? hollywoodb Slackware 6 11-30-2006 08:56 PM
PGP Signature? little_penguin Linux - Security 3 05-14-2005 08:33 AM
PGP signature sopiaz57 Linux - Security 2 11-25-2003 09:30 AM


All times are GMT -5. The time now is 07:04 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration