[Samba] newbie: Verification of the downloaded Samba source
John H Terpstra
jht at samba.org
Wed Dec 11 04:17:01 GMT 2002
Alan,
I just verified the samba-pubkey.asc and the two release keys and they
check out perfectly.
My key ID is CCB82B53, and I have signed this key.
You could try:
gpg --list-sigs 2F87AF6F
To see what info you have obtained from the samba-pubkey.asc file.
Also, is your own key valid?
- John T.
On Tue, 10 Dec 2002, alan brown wrote:
> This is probably nothing but when I did.
>
>
>
> $ gpg --import samba-pubkey.asc
> $ gpg --verify samba-release.tar.[bz2|gz].asc
>
>
>
> I got the following response
>
>
>
> gpg: Signature made Tue 26 Nov 2002 07:12:04 PM CST using DSA key
> ID 2F87AF6F
> gpg: Good signature from "Samba Distribution Verification Key "
>
>
>
> but then I also got the following.
>
>
>
> Could not find a valid trust path to the key. Let's see whether we can
> assign some missing owner trust values.
>
>
>
> No path leading to one of our keys found
>
>
>
> gpg: Warning: This key is not certified with a trusted signature.
>
> Gpg: There is no indication that the signature belongs to the owner.
>
>
>
> Is this just something silly that I've done? I thought I followed the
> very simple instructions adequately. Downloaded the tar file and the
> asc file associated with that file and the pubkey.asc file.
>
>
>
> Any help would be appreciated.
>
>
>
> alan
>
>
>
>
>
>
--
John H Terpstra
Email: jht at samba.org
More information about the samba
mailing list