Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 30 Jul 2018 20:58:34 +0000 (UTC)
From: vapnik spaknik <vapniks@...oo.com>
To: "lkrg-users@...ts.openwall.com" <lkrg-users@...ts.openwall.com>
Subject: Re: Unable to verify signature

Yes, you're right, I checked; my browser unzips it but doesn't remove the file ending. 
Output of ls -l :-rw-rw-r-- 1 me me    563200 Jul 30 21:53 lkrg-0.3.tar.gz-rw-rw-r-- 1 me me       801 Jul 30 21:27 lkrg-0.3.tar.gz.sign
 

    On Monday, July 30, 2018 9:38 PM, Solar Designer <solar@...nwall.com> wrote:
 

 Hi,

On Mon, Jul 30, 2018 at 08:25:45PM +0000, vapnik spaknik wrote:
> $ gpg --verify lkrg-0.3.tar.gz.sign lkrg-0.3.tar.gzgpg: Signature made Wed 04 Jul 2018 17:47:13 BSTgpg:                using RSA key 0x05C027FD4BDC136Egpg: BAD signature from "Openwall offline signing key" [unknown]
> I have tried downloading through different proxies, but its the same each time.

I've just confirmed that I'm able to verify the signature on this file
as freshly downloaded from the website using wget.

To troubleshoot this further, please let us know what file sizes you
see.  One guess is that maybe the gzip compression on the tarball is
getting undone on the way or by your browser.

The correct file sizes are:

-rw-------. 1 solar solar 62616 Jul  4 18:47 lkrg-0.3.tar.gz
-rw-------. 1 solar solar  801 Jul  4 18:47 lkrg-0.3.tar.gz.sign

Also try:

$ file lkrg-0.3.tar.gz
lkrg-0.3.tar.gz: gzip compressed data, from Unix, last modified: Wed Jul 4 18:47:00 2018, max compression

Also let us know what version of GnuPG you're using.

Thanks,

Alexander


   
Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.