Hi! :-)
I just downloaded the minimal installation ISO and I was trying the
verification instructions.
I admit that I'm not any kind of gpg expert, so the results are
somewhat confusing to me.
Can someone shed some light on them?
Here's console's output:
>gpg --verify install-amd64-minimal-20201222T005811Z.iso.DIGESTS.asc
gpg: Signature made Tue Dec 22 17:01:06 2020 EET
gpg: using RSA key 534E4209AB49EEE1C19D96162C44695DB9F6043D
gpg: Good signature from "Gentoo Linux Release Engineering (Automated
Weekly Release Key) <rel...@gentoo.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 13EB BDBE DE7A 1277 5DFD B1BA BB57 2E0E 2D18 2910
Subkey fingerprint: 534E 4209 AB49 EEE1 C19D 9616 2C44 695D B9F6 043D
gpg: WARNING: not a detached signature; file
'install-amd64-minimal-20201222T005811Z.iso.DIGESTS' was NOT verified!
>
and:
>sha512sum -c install-amd64-minimal-20201222T005811Z.iso.DIGESTS.asc
install-amd64-minimal-20201222T005811Z.iso: OK
install-amd64-minimal-20201222T005811Z.iso: FAILED
install-amd64-minimal-20201222T005811Z.iso.CONTENTS.gz: OK
install-amd64-minimal-20201222T005811Z.iso.CONTENTS.gz: FAILED
sha512sum: WARNING: 14 lines are improperly formatted
sha512sum: WARNING: 2 computed checksums did NOT match
>
TIA! :-)
Giorgos.
.
