Hi, On Sun, 24 Mar 2024 07:51:51 -0400 bill-auger <bill-auger@peers.community> wrote: > awesome, it is great to see a new dynebolic > > i gave the new LiveISO a try with QEMU (2 cores 2GB RAM) About the new Dynebolic image, did you (or someone else) manage to find the GPG key that signed the release?
At https://files.dyne.org/dynebolic/ we have a dynebolic-4.0.0-beta.iso.sha512sum.asc file. It uses the 914926C2E916F1E0B1A3235DD811F9D2D5CC7115 key: > $ gpg --verify dynebolic-4.0.0-beta.iso.sha512sum.asc > gpg: assuming signed data in 'dynebolic-4.0.0-beta.iso.sha512sum' > gpg: Signature made Thu 21 Mar 2024 06:30:23 PM CET > gpg: using RSA key > 914926C2E916F1E0B1A3235DD811F9D2D5CC7115 gpg: Can't check signature: > No public key And I tried to find that key but I might have missed it somehow. I'm asking here because I also document various FSDG distributions on the Libreplanet wiki and in https://libreplanet.org/wiki/Group:Software/FSDG_distributions/Security I would like to tell that Dynebolic 4.0.0-beta has a "signed installer". Denis.
pgpUHmZ8MKEcr.pgp
Description: OpenPGP digital signature
