using gpg to verify signatures
Martin Karlsson
mk-freebsd at bredband.net
Fri Apr 25 18:02:58 PDT 2003
Hi,
* Michelle Weeks <tristan11 at mindspring.com> [2003-04-23 10.52 -0700]:
> i'm trying to learn how to verify signatures. i have downloaded and
> installed gnupg. i have also downloaded the cvs.patch and
> cvs.patch.asc
> ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-
> 03:01.cvs.asc and would like to verify the signature. my rough
> understanding from the gnupg documentation is that i need to import the
> public key into my public keyring before i can use gpg --verify to
> verify the signature. i believe that i should use gpg --import "public
> key file". how do i get the public key for the cvs.patch?
Security Advisories are signed with the FreeBSD Security Officer PGP
key. You'll find it at:
<URL:ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/public_key.asc >
More security information can be found at:
<URL:http://www.freebsd.org/security/index.html >
HTH,
--
Martin Karlsson
More information about the freebsd-questions
mailing list