>>>>> "Fred" == Fred Silsbee <fredsilsbee@xxxxxxxxx> writes:
Fred> (1) download to the same directory the sha1sum and make a
Fred> file out of it say shasum.txt
OK. But I found this at http://fedoraproject.org/en/verify :
> curl https://fedoraproject.org/static/fedora.gpg | gpg --import
I get:
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 6638 100 6638 0 0 2911 0 0:00:02 0:00:02 --:--:-- 5630
gpg: key 4F2A6FD2: public key "Fedora Project <fedora@xxxxxxxxxx>" imported
gpg: key 30C9ECF8: public key "Fedora Project (Test Software) <rawhide@xxxxxxxxxx>" imported
gpg: key 4EBFC273: public key "Fedora (10) <fedora@xxxxxxxxxxxxxxxxx>" imported
gpg: key 0B86274E: public key "Fedora (10 testing) <fedora@xxxxxxxxxxxxxxxxx>" imported
gpg: Total number processed: 4
gpg: imported: 4
> Now, to verify that the SHA1SUM file is valid, make sure that it has a good signature from the key ID 4EBFC273.
>$ gpg --verify SHA1SUM
and if I do that I get:
gpg: Signature made Thu 20 Nov 2008 17:35:25 GMT using DSA key ID 4EBFC273
gpg: Can't check signature: public key not found
Previously the import showed:
--
Colin Adams
Preston Lancashire
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
