dmd download sig file, how do I use it
Ali
fakeemailadress at example.com
Sun Mar 25 14:13:41 UTC 2018
On Sunday, 25 March 2018 at 04:01:28 UTC, Seb wrote:
> gpg --verify --keyring ~/dlang/d-keyring.gpg
> --no-default-keyring dmd.2.079.0.linux.tar.xz.sig
> dmd.2.079.0.linux.tar.xz
Thanks, I guess this kinda works
I am now getting
gpg: Signature made Fri 02 Mar 2018 01:47:57 PM EST
gpg: using RSA key B273811612BB1939
gpg: Good signature from "Martin Nowak
<martin.nowak at plugintheworld.com>" [expired]
gpg: aka "Martin Nowak (dawg) <me at dawg.eu>"
[expired]
gpg: aka "Martin Nowak <code at dawg.eu>" [expired]
gpg: Note: This key has expired!
Primary key fingerprint: AFC7 DB45 693D 62BB 472B F27B AB8F
E924 C2F7 E724
Subkey fingerprint: A734 4DAD 3C34 1EA1 2D13 C4E6 B273
8116 12BB 1939
The command is a bit tricky, originally i kept trying the command
with only the keyring file name, which didnt work, it needed the
path
> (Note: the individual keys in the keyring are currently expired
> and we are working on rolling out a new keyring, but that
> doesn't affect yverifying the existing signatures.)
while you are at it, also add a sha1 or a sh256 checksum, i think
it will work better to verify the download
More information about the Digitalmars-d-learn
mailing list