Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Slackware This Forum is for the discussion of Slackware Linux.


  Search this Thread
Old 03-14-2013, 11:41 AM   #1
Registered: May 2011
Location: Philadelphia, PA
Distribution: Slackware 13.37
Posts: 89

Rep: Reputation: 16
PGP reads bad signature from


I can't verify pwgen signature from SlackBuilds

[mike:~/build]$ gpg pwgen.tar.gz.asc 
Detached signature.
Please enter name of data file: pwgen-2.06.tar.gz 
gpg: Signature made Wed 27 Apr 2011 07:05:54 PM EDT using DSA key ID 9C7BA3B6
gpg: BAD signature from " Development Team <>"
I checked it twice and I guess there was no mistakes on my side because another script, fakeroot, verifies:
[mike:~/build]$ gpg fakeroot.tar.gz.asc 
gpg: Signature made Wed 27 Apr 2011 07:15:45 PM EDT using DSA key ID 9C7BA3B6
gpg: Good signature from " Development Team <>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: D307 6BC3 E783 EE74 7F09  B8B7 0368 EF57 9C7B A3B6
Just in case, this is my folder:
[mike:~/build]$ ls -l                         
total 48
-rw-r--r-- 1 mike users  2370 Feb  6  2007 GPG-KEY
-rw-r--r-- 1 mike users  2488 Mar 14 11:22 fakeroot.tar.gz
-rw-r--r-- 1 mike users   198 Apr 27  2011 fakeroot.tar.gz.asc
-rw-r--r-- 1 mike users 30952 Mar 14 11:50 pwgen-2.06.tar.gz
-rw-r--r-- 1 mike users   198 Apr 27  2011 pwgen.tar.gz.asc
Could you please look into the matter?

Thanks in advance.

Old 03-14-2013, 11:47 AM   #2
Senior Member
Registered: Jul 2007
Distribution: Slackware64-14.1
Posts: 2,364

Rep: Reputation: 833Reputation: 833Reputation: 833Reputation: 833Reputation: 833Reputation: 833Reputation: 833
I'm no expert, but I believe you are trying to manually use the pwgen.tar.gz.asc file to verify the *source* pwgen-2.06.tar.gz file since the SBo pwgen.tar.gz file is missing. SBo's signatures verify the SlackBuild tarballs, not the source (the source is indirectly verified by the md5sum contained in the verified SlackBuild tarball, in the file). Download the correct file and re-verify and it should all work out.
1 members found this post helpful.
Old 03-14-2013, 11:54 AM   #3
Registered: May 2011
Location: Philadelphia, PA
Distribution: Slackware 13.37
Posts: 89

Original Poster
Rep: Reputation: 16
Thanks, T3slider!

You are right.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
check software with PGP signature said76 Linux - Newbie 1 12-10-2012 05:19 AM
Fedora Core 3: Need to Install org-x11-devel ( error:...Header...signature, BAD... ) downplay Fedora 2 03-04-2009 02:40 PM
Use or my own hosting to offer up SlackBuilds? hollywoodb Slackware 6 11-30-2006 08:56 PM
PGP Signature? little_penguin Linux - Security 3 05-14-2005 08:33 AM
PGP signature sopiaz57 Linux - Security 2 11-25-2003 09:30 AM

All times are GMT -5. The time now is 11:06 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration