Am Donnerstag, 1. Februar 2018 12:56:48 CET schrieb Wolfgang Engelmann <engelm...@uni-tuebingen.de>: > Am 01.02.2018 um 11:49 schrieb Kornel Benko: > > Am Donnerstag, 1. Februar 2018 11:21:26 CET schrieb Wolfgang Engelmann > > > > <engelm...@uni-tuebingen.de>: > >> Am 01.02.2018 um 10:04 schrieb Kornel Benko: > >>> Am Donnerstag, 1. Februar 2018 09:39:11 CET schrieb Wolfgang Engelmann > >>> > >>> <engelm...@uni-tuebingen.de>: > >>>> Am 01.02.2018 um 09:24 schrieb Kornel Benko: > >>>>> Am Donnerstag, 1. Februar 2018 09:07:50 CET schrieb Wolfgang Engelmann > >>>>> > >>>>> <engelm...@uni-tuebingen.de>: > >>>>>> Am 31.01.2018 um 18:23 schrieb Joel Kulesza: > >>>>>>> On Wed, Jan 31, 2018 at 9:11 AM, Uwe Stöhr <uwesto...@lyx.org > >>>>>>> > >>>>>>> <mailto:uwesto...@lyx.org>> wrote: > >>>>>>> Am 31.01.2018 um 10:31 schrieb Wolfgang Engelmann: > >>>>>>> 2- How do I use the tar.xz.sig file in respect to the > >>>>>>> tar.xz? > >>>>>>> > >>>>>>> This is the signature file to check if the file you > >>>>>>> downloaded > >>>>>>> was > >>>>>>> not modified. > >>>>>>> > >>>>>>> Uwe described what the file is, but how it is used is summarized > >>>>>>> here: > >>>>>>> http://www.lyx.org/Download#toc11 > >>>>>>> <http://www.lyx.org/Download#toc11> > >>>>>>> > >>>>>>> - Joel > >>>>>> > >>>>>> Using the instruction given and after installing xz-utils > >>>>>> > >>>>>> sudo gpg --recv-keys FE66471B43559707AFDAD955DE7A44FAC7FB382D > >>>>>> > >>>>>> gives me > >>>>>> > >>>>>> gpg: Schlüssel DE7A44FAC7FB382D: Öffentlicher Schlüssel "LyX Release > >>>>>> Manager (Signing LyX tarballs and binaries) <sa...@lyx.org>" > >>>>>> importiert > >>>>>> gpg: keine ultimativ vertrauenswürdigen Schlüssel gefunden > >>>>>> gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1 > >>>>>> gpg: importiert: 1 > >>>>>> (open key, no ultimative reliable key found, number of used keys ) > >>>>>> > >>>>>> Is this to be expected? > >>>>>> Wolfgang > >>>>> > >>>>> Yes, and you should _not_ use 'sudo' here. > >>>>> > >>>>> Kornel > >>>> > >>>> Thanks, Kornel, > >>>> > >>>> I tried it first without sudo and got > >>>> > >>>> gpg --recv-keys FE66471B43559707AFDAD955DE7A44FAC7FB382D > >>>> gpg: lookup_hashtable failed: Unbekannter Systemfehler > >>>> /unknown system error/ > >>>> gpg: trustdb: searching trust record failed: Unbekannter Systemfehler > >>>> gpg: Fehler: Die Vertrauensdatenbank ist fehlerhaft > >>>> /trusting databank erraneous/ > >>>> gpg: Sie können versuchen die Vertrauensdatenbank durch folgende > >>>> Befehle > >>>> wiederherzustellen: > >>>> gpg: cd ~/.gnupg > >>>> gpg: gpg --export-ownertrust > otrust.tmp > >>>> gpg: rm trustdb.gpg > >>>> gpg: gpg --import-ownertrust < otrust.tmp > >>>> gpg: Falls dies nicht funktioniert, sehen Sie bitte im Handbuch nach > >>>> /if not working, check manual > >>>> > >>>> after the wrong sudo I tried again without sudo: > >>>> /~$ gpg --recv-keys FE66471B43559707AFDAD955DE7A44FAC7FB382D > >>>> gpg: Empfangen vom Schlüsselserver fehlgeschlagen: Keine Daten > >>> > >>> Maybe some data not readable by you. > >>> > >>>> /receiving of keyserver failed: No data > >>>> > >>>> Should I have first canceled my wrong attempt to use sudo, and how > >>>> would > >>>> I do that? > >>>> > >>>> Wolfgang > >>>> / > >>> > >>> I would first check that all data in ~/.gnupg/ belongs to me. > >> > >> yes, they do > >> > >>> And _never_ use > >>> sudo for gpg. > >> > >> now I know. Thanks > >> > >>> To check if a file 'fxxx' and the signature are in sync: > >>> # gpg --verify fxxx.sig fxxx > >>> > >>> To import a public key I would use a gui like e.g. seahorse. > >> > >> I have installed seahorse and tried it. But I need a hint. > >> I have a folder > >> lyx-2-3-new > >> which contains the > >> .tar.xz and the tar.xz.sig > >> Seahorse does not seem to recognize the content of the tar.xz stuff. > >> Do I have to extract the .tar.xz and the tar.xz.sig first, move the sig > >> into the folder with the extracted stuff and than run it? > >> Sorry for these probably naive questions, but I am in the 80s and it > >> takes all its time. > >> Thanks for your patience > >> Wolfgang > > > > # seahorse > > > > Entfernt->Entfernte Schlüssel suchen...->Suche nach: sanda@lyx > > > > Suchort: > > hkp://keyserver.ubuntu.com:11371 > > > > click on the entry with 'Signing LyX tarballs and binaries' > > click on '+ Importieren > > leave the dialog > > goto GnuPG-Schlüssel > > left click on this new key ->Eigenschaften->Vertrauen > > click on 'Vertrauen in diesen Schlüssel' > > close dialog > > > > You should be done > > > > Kornel > > I guess, you meant with # seahorse > run as superuser.
PLEASE NO!!!! Never as superuser, if you are doing something private. > The terminal from which I ran it, tells > # seahorse > (seahorse:32621): GLib-GIO-CRITICAL **: g_dbus_proxy_new_sync: assertion > 'G_IS_DBUS_CONNECTION (connection)' failed > (seahorse:32621): GLib-GIO-CRITICAL **: g_dbus_proxy_get_name_owner: > assertion 'G_IS_DBUS_PROXY (proxy)' failed > (seahorse:32621): seahorse-WARNING **: gkr-backend.vala:90: couldn't > connect to secret service: Verbindung ist geschlossen > > Might have to do with your > > To check if a file 'fxxx' and the signature are in sync: > # gpg --verify fxxx.sig fxxx > ?? Wolfgang Kornel