On Mon, 3 Mar 2003, Al Sparks wrote:
> This is driving me nuts. But I am a newbie to gpg.
>
> I'm running RH 7.2. The gpg is from the standard rpm off of the CD.
> Here's the output from "gpg --version":
> gpg (GnuPG) 1.0.6
> Copyright (C) 2001 Free Software Foundation, Inc.
> This program comes with ABSOLUTELY NO WARRANTY.
> This is free software, and you are welcome to redistribute it
> under certain conditions. See the file COPYING for details.
>
> Home: ~/.gnupg
> Supported algorithms:
> Cipher: 3DES, CAST5, BLOWFISH, RIJNDAEL, RIJNDAEL192, RIJNDAEL256, TWOFISH
> Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
> Hash: MD5, SHA1, RIPEMD160
>
>
> I went on the sendmail site, and downloaded the files:
> sendmail.8.12.8.tar
> sendmail.8.12.8.tar.gz.sig
>
> I also downloaded sendmail.org's PGPKEYS.txt file.
>
> I imported the keys in that file with
> $ gpg --import PGPKEYS.txt
> and it seemed to work fine. Here's the output:
> gpg: key 16F4CCE9: public key imported
> gpg: key 396F0789: public key imported
> gpg: key 678C0A03: public key imported
> gpg: key CC374F2D: public key imported
> gpg: key E35C5635: public key imported
> gpg: key A39BA655: public key imported
> gpg: key D432E19D: public key imported
> gpg: key 12D3461D: public key imported
> gpg: key BF7BA421: public key imported
> gpg: key A00E1563: non exportable signature (class 10) - skipped
> gpg: key A00E1563: public key imported
> gpg: key 22327A01: public key imported
> gpg: Total number processed: 11
> gpg: imported: 11 (RSA: 11)
>
> According to the instructions in sendmail.org, I'm supposed to
> $ gunzip -c sendmail.8.12.8.tar.gz | gpg --verify sendmail.8.12.8.tar.gz.sig -
> and the output is:
> gunzip: sendmail.8.12.8.tar.gz: No such file or directory
> gpg: Signature made Tue 11 Feb 2003 10:25:07 AM AKST using RSA key ID 396F0789
> gpg: BAD signature from "Sendmail Signing Key/2003 <[EMAIL PROTECTED]>"
>
>
> Now I notice that the latest version of gpg is 1.2.1, but I figure if
> this was a big deal, RedHat would have put out an update (I checked
> both their site and rpmfind and they haven't).
>
> I notice that it's the *.sig file that's generating this error,
> because if I change the input I get the same error.
>
> As I said before, I'm a newbie to gpg. So there might be something
> obvious I'm missing.
> === Al
>
The problem is that the file you are trying to expand and send to gpg
does not exist. This is the error gunzip is generating. Because it can
not find sendmail.8.12.8.tar.gz, it does not send the unzipped data to
gpg. Now, if the file is sendmail.8.12.8.tar, and not
sendmail.8.12.8.tar.gz, then you can run:
gpg --verify sendmail.8.12.8.tar.gz.sig sendmail.8.12.8.tar and see if
it works. I suspect from the sig file name, that the sig was generated
from sendmail.8.12.8.tar.gz, and not sendmail.8.12.8.tar.gz, so it may
have a problem with the archive already being expanded.
Mikkel
--
Do not meddle in the affairs of dragons,
for you are crunchy and taste good with ketchup.
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
