If I download the package of the tools and scripts of liveslak, how do I check the PGP signature of alienbob?
Code:
$ wget http://git.slackware.nl/liveslak/snapshot/liveslak-1.1.9.7.tar.gz
What I am doing right now is cloning the repo and check the signature of the tag
Code:
$ git clone git://bear.alienbase.nl/liveslak.git
$ cd liveslak/
$ git verify-tag 1.1.9.7
gpg: Signature made Wed 14 Mar 2018 21:56:27 WET
gpg: using RSA key 883EC63B769EE011
gpg: Good signature from "Eric Hameleers (Alien BOB) <alien@slackware.com>" [full]
gpg: aka "Eric Hameleers <eric.hameleers@gmail.com>" [unknown]
gpg: aka "Eric Hameleers (SBo) <alien@slackbuilds.org>" [unknown]
gpg: aka "Eric Hameleers (Thuis) <e.hameleers@chello.nl>" [unknown]
gpg: aka "Eric Hameleers (Alien Base) <eric.hameleers@alienbase.nl>" [unknown]
gpg: aka "[jpeg image of size 4594]" [unknown]
Primary key fingerprint: 2AD1 07EA F451 32C8 A991 F4F9 883E C63B 769E E011
There is way to check the signature of the tar.gz or the tar.xz available to download?