How To Verify Files and Signatures with PGP In Linux?

RSS
EMAIL
FACEBOOK
FACEBOOK
GOOGLE
GOOGLE
https://www.poftut.com/how-to-verify-files-and-signatures-with-pgp-in-linux/
PINTEREST
PINTEREST
INSTAGRAM

GnuPG is opensource and popular alternative to the PGP. PGP provide encryption related function. PGP provides hash function like standard Linux packages. We will look ow to verify files downloaded from internet with their PGP signatures to verify.

Find PGP Information

In this example we will use Apache source code. Apache PGP signature can be found and downloaded like below.

Find PGP Information
Find PGP Information

We can see that signature file have asc extension with the same name with compressed source code file.

Download Apache Source

We will download Apache source code related with previously downloaded PGP signature.

Download Apache Source
Download Apache Source

Verify Source Code

We will verify downloaded Apache source code with PGP by providing signature file

Verify Source Code
Verify Source Code

There is a problem Can’t check signature: No Public key error

Add Public Key Server

We will add public key server to check our signature file.

Add Public Key Server
Add Public Key Server

We have successfully received public key from server.

Check Again Signature File

We will check the signature file again. I hope it works

Check Again Signature File
Check Again Signature File

We can see that signed data is determined. Also RSA key is printed to the screen. The signer information also provided which is Jim Jagielski.

RSS
EMAIL
FACEBOOK
FACEBOOK
GOOGLE
GOOGLE
https://www.poftut.com/how-to-verify-files-and-signatures-with-pgp-in-linux/
PINTEREST
PINTEREST
INSTAGRAM
LEARN MORE  Crash Linux System With A Bash Fork Bomb