LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
Reload this Page [SOLVED] VLC - incomplete install
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
Page 3 of 3 12 3
  Search this Thread
Old 12-03-2021, 06:04 AM   #31
mknix
Member
 
Registered: Aug 2021
Distribution: Slackware64 -current
Posts: 60

Original Poster
Rep: Reputation: Disabled

Quote:
Originally Posted by kgha View Post
Since Eric Hameleers (AlienBob) is the one that can give the best answer, and since he has taken timeout from LQ, I suggest that you put your question to him via his blog: https://alien.slackbook.org/blog/

My guess is that the best place for this question would be his latest liveslak-related thread: https://alien.slackbook.org/blog/sec...-5-0/#comments
Thanks for that.
 
Old 12-03-2021, 06:21 AM   #32
kgha
Senior Member
 
Registered: May 2018
Location: Sweden
Distribution: Slackware 64 -current multilib from AlienBob's LiveSlak MATE
Posts: 1,073

Rep: Reputation: 746Reputation: 746Reputation: 746Reputation: 746Reputation: 746Reputation: 746Reputation: 746
A closer look revealed that Eric gives the answer to your question in abovementioned blog thread:
Quote:
The liveslak public key (SSL certificate in DER encoding) that you need to enroll can be downloaded from https://download.liveslak.org/secureboot/liveslak.der
 
Old 12-05-2021, 11:56 PM   #33
mknix
Member
 
Registered: Aug 2021
Distribution: Slackware64 -current
Posts: 60

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by kgha View Post
A closer look revealed that Eric gives the answer to your question in abovementioned blog thread:
Thanks for that. Hope I'm not being troublesome but I'm unsure what to do next.

Earlier, following these instructions,

Quote:
https://slackbuilds.org/faq/#asc
What are all of those .asc files in the repository?

Those files are GPG signatures. They can be used to verify that the SlackBuild script tarball is exactly the one that we placed on the site. Assuming you have both the script tarball and the .asc file in the same directory, this process is as simple as:
gpg --verify app.tar.gz.asc

Where is the project's GPG key?

Our GPG key is located at https://slackbuilds.org/GPG-KEY
I ran,

Code:
live@darkstar:~/Downloads/signature file$ gpg --import slackbuilds-key-file
gpg: key 9C7BA3B6: public key "SlackBuilds.org Development Team <slackbuilds-devel@slackbuilds.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
live@darkstar:~/Downloads/signature file$ gpg --verify veracrypt.tar.gz.asc veracrypt.tar.gz
gpg: Signature made Fri 27 Apr 2018 11:50:48 PM UTC using DSA key ID 9C7BA3B6
gpg: Good signature from "SlackBuilds.org Development Team <slackbuilds-devel@slackbuilds.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: D307 6BC3 E783 EE74 7F09  B8B7 0368 EF57 9C7B A3B
So when I opened that liveslak.der file I saw a whole lot of different keys etc but what should I do exactly - copy/paste the public key into a text file and save it as .asc? Tried that but didn't work. I named it as liveslack public key.asc
Last edited by mknix; 12-07-2021 at 12:49 AM.
 
Old 12-06-2021, 01:24 AM   #34
Windu
Member
 
Registered: Aug 2021
Distribution: Arch Linux, Debian, Slackware
Posts: 591

Rep: Reputation: Disabled
That 'liveslak.der' file is meant for Secure Boot from what I read in the blog. It is not meant for checking all these other downloadable files.
I see .md5 as well as .asc files in every directory BTW. The .md5 files are checksum files - you can use them to verify whether your download was corrupted or not. But I would not use them to validate that the files are un-tampered with . The .asc files are meant for the latter. They enable you to validate that the file was actually created by the Alien.
I downloaded a couple and ran:
Code:
$ gpg --verify 0060-nvidia-470.63.01_5.15.1-current-x86_64.sxz.asc 
gpg: assuming signed data in `0060-nvidia-470.63.01_5.15.1-current-x86_64.sxz'
gpg: Signature made Sun 07 Nov 2021 05:58:15 PM CET using RSA key ID 769EE011
gpg: Can't check signature: public key not found
This tells you to download the public GPG key "769EE011" into your GPG keyring:
Code:
$  gpg --keyserver keyserver.ubuntu.com --recv-keys 769EE011
gpg: requesting key 769EE011 from hkp server keyserver.ubuntu.com
gpg: key 769EE011: public key "Eric Hameleers (Alien BOB) <alien@slackware.com>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
Then the check works better:
Code:
$ gpg --verify 0060-nvidia-470.63.01_5.15.1-current-x86_64.sxz.asc 
gpg: assuming signed data in `0060-nvidia-470.63.01_5.15.1-current-x86_64.sxz'
gpg: Signature made Sun 07 Nov 2021 05:58:15 PM CET using RSA key ID 769EE011
gpg: Good signature from "Eric Hameleers (Alien BOB) <alien@slackware.com>"
gpg:                 aka "Eric Hameleers (Alien Base) <eric.hameleers@alienbase.nl>"
gpg:                 aka "Eric Hameleers <eric.hameleers@gmail.com>"
gpg:                 aka "Eric Hameleers (Thuis) <e.hameleers@chello.nl>"
gpg:                 aka "Eric Hameleers (SBo) <alien@slackbuilds.org>"
gpg:                 aka "[jpeg image of size 4594]"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2AD1 07EA F451 32C8 A991  F4F9 883E C63B 769E E011
 
1 members found this post helpful.
Old 12-07-2021, 01:01 AM   #35
mknix
Member
 
Registered: Aug 2021
Distribution: Slackware64 -current
Posts: 60

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Windu View Post
That 'liveslak.der' file is meant for Secure Boot from what I read in the blog. It is not meant for checking all these other downloadable files.
I see .md5 as well as .asc files in every directory BTW. The .md5 files are checksum files - you can use them to verify whether your download was corrupted or not. But I would not use them to validate that the files are un-tampered with . The .asc files are meant for the latter. They enable you to validate that the file was actually created by the Alien.
I downloaded a couple and ran:

[...]

That did the trick:

Code:
$ gpg --verify 0050-multilib-current-x86_64.sxz.asc
gpg: assuming signed data in `0050-multilib-current-x86_64.sxz'
gpg: Signature made Sun 07 Nov 2021 04:57:56 PM UTC using RSA key ID 769EE011
gpg: Good signature from "Eric Hameleers (Alien BOB) <alien@slackware.com>"
gpg:                 aka "Eric Hameleers (Alien Base) <eric.hameleers@alienbase.nl>"
gpg:                 aka "Eric Hameleers <eric.hameleers@gmail.com>"
gpg:                 aka "Eric Hameleers (Thuis) <e.hameleers@chello.nl>"
gpg:                 aka "Eric Hameleers (SBo) <alien@slackbuilds.org>"
gpg:                 aka "[jpeg image of size 4594]"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 2AD1 07EA F451 32C8 A991  F4F9 883E C63B 769E E011
Thanks so much for that.


But what about,

Code:
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
That's a bit off-putting but as you didn't comment on it I guess it can be safely ignored, no?
 
  


Reply
Page 3 of 3 12 3



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
'vlc-nox' missing from install on Raspbian, but its supposed to be using 'vlc-bin' now? harry2pointoh Linux - Newbie 3 06-27-2019 12:26 PM
Installing VLC using vlc-0.9.9a-4.el5.rf.i386.rpm--Error relating to Dependencies redhat5 Linux - Newbie 1 12-17-2009 04:23 PM
LXer: Create your own VLC skin with VLC media player Skin Editor LXer Syndicated Linux News 0 12-06-2009 12:30 PM
VLC error: VLC could not open the file "/usr/share/vlc/skins2/text.bmp". brjoon1021 Ubuntu 1 01-14-2009 10:48 PM
I'm Getting 6 VLC Windows At Once - Problem With VLC Player davidx Linux - Software 1 11-03-2008 11:45 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 07:32 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration