On 2/8/2018 12:34 PM, Jude DaShiell wrote:
running gpg --verify *.sign on all sign files found where debian-buster is downloaded returns bad key and [unknown] on those files.  I think the website has got dirty.



- Did you import the Debian signing key?
- Which files did you verify (URL used, you should only use debian.org)?
- What commands did you use and what are the output of those commands?

--
John Doe

Reply via email to