Problem with latest Samba 2.2.7a PGP signed files
Herb Lewis
herb at sgi.com
Wed Dec 11 21:27:00 GMT 2002
This renaming was to work around a browser problem where browsers
would think any file with a .gz anywhere in the path was a
gzipped file.
When the filenames differ use
gpg --verify samba-2.2.7a_tar_gz.asc samba-2.2.7a.tar.gz
David Lechnyr wrote:
>
> It's probably worth noting that your PGP signature for new Samba 2.2.7a *FAILS* verification (on both bzip2 and gzip'd files). The problem is not in the signature itself, but the filename:
>
> $ wget http://us1.samba.org/samba/ftp/samba-2.2.7a.tar.gz
> $ wget http://us1.samba.org/samba/ftp/samba-2.2.7a_tar_gz.asc
> $ gpg --verify samba-2.2.7a_tar_gz.asc
> gpg: no signed data
> gpg: can't hash datafile: file open error
>
> However:
>
> $ mv samba-2.2.7a_tar_gz.asc samba-2.2.7a.tar.gz.asc
> $ gpg --verify samba-2.2.7a.tar.gz.asc
> gpg: Signature made Wed Dec 11 07:38:39 2002 PST using DSA key ID 2F87AF6F
> gpg: Good signature from "Samba Distribution Verification Key <samba-bugs at samba.org>"
>
> This was tested using GnuPG 1.2.1 on bash 2.05a.
>
> Regards,
> - David Lechnyr
--
======================================================================
Herb Lewis Silicon Graphics
Networking Engineer 1600 Amphitheatre Pkwy MS-510
Strategic Software Organization Mountain View, CA 94043-1351
herb at sgi.com Tel: 650-933-2177
http://www.sgi.com Fax: 650-932-2177
PGP Key: 0x8408D65D
======================================================================
More information about the samba-technical
mailing list