All of the TurboVNC binaries back to 1.2 have been digitally signed.
The RPMs and DEBs are signed using the following GPG key: http://www.TurboVNC.org/key/VGL-GPG-KEY or http://pgp.mit.edu/pks/lookup?op=get&search=0x6BBEFA1972FEB9CE To verify the RPM package signatures: sudo rpm --import '{key URL}' rpm --checksig {RPM file} To verify the DEB package signatures: sudo mkdir /usr/share/debsig/keyrings/6BBEFA1972FEB9CE wget '{key URL}' -O /tmp/VGL-GPG-KEY sudo gpg --no-default-keyring --keyring /usr/share/debsig/keyrings/6BBEFA1972FEB9CE/debsig.gpg --import /tmp/VGL-GPG-KEY sudo chmod 644 /usr/share/debsig/keyrings/6BBEFA1972FEB9CE/debsig.gpg debsig-verify {DEB file} To verify the Windows installer package signatures: Right-click on the .exe file and look at the "Digital Signatures" tab. If you have the Windows SDK installed, you can also run signtool verify -pa {.exe file} ------------------------------------------------------------------------------ _______________________________________________ TurboVNC-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/turbovnc-users
