Roy Carin wrote: > I downloaded clamav 0.90rc3 from > http://sourceforge.net/project/showfiles.php?group_id=86638&package_id=90197&release_id=483125 > > I want to verify the integrity of the downloaded file. When I do > > gpg --keyserver random.sks.keyserver.penguin.de --verify > clamav-0.90rc3.tar.gz.sig > > it fails, saying this: > >> gpg: Signature made Wed Jan 31 18:04:35 2007 CST using DSA key ID 985A444B >> gpg: Can't check signature: public key not found > > René Berber, in message > <http://article.gmane.org/gmane.comp.security.virus.clamav.user/24861/match=0+90rc3+sourceforge> > , says that my GPG installation is broken. > > Can anyone tell me how I can fix it?
I think that the problem may be that you don't have the key on your keyring already and you don't have the auto-key-retrieve keyserver option enabled (it's not enabled by default). You can either enable that option or import the key before verifying the signature (via a keyserver webpage or using gpg --recv-key 985A444B). -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ====================================================================== What a terrible thing to have lost one's mind. Or not to have a mind at all. How true that is. -- Dan Quayle, speaking to the United Negro College Fund
pgpiI6nHdx2jQ.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users