Am Donnerstag, 1. Februar 2018 09:39:11 CET schrieb Wolfgang Engelmann
<[email protected]>:
> Am 01.02.2018 um 09:24 schrieb Kornel Benko:
> > Am Donnerstag, 1. Februar 2018 09:07:50 CET schrieb Wolfgang Engelmann
> >
> > <[email protected]>:
> >> Am 31.01.2018 um 18:23 schrieb Joel Kulesza:
> >>> On Wed, Jan 31, 2018 at 9:11 AM, Uwe Stöhr <[email protected]
> >>>
> >>> <mailto:[email protected]>> wrote:
> >>> Am 31.01.2018 um 10:31 schrieb Wolfgang Engelmann:
> >>> 2- How do I use the tar.xz.sig file in respect to the tar.xz?
> >>>
> >>> This is the signature file to check if the file you downloaded was
> >>> not modified.
> >>>
> >>> Uwe described what the file is, but how it is used is summarized here:
> >>> http://www.lyx.org/Download#toc11 <http://www.lyx.org/Download#toc11>
> >>>
> >>> - Joel
> >>
> >> Using the instruction given and after installing xz-utils
> >>
> >> sudo gpg --recv-keys FE66471B43559707AFDAD955DE7A44FAC7FB382D
> >>
> >> gives me
> >>
> >> gpg: Schlüssel DE7A44FAC7FB382D: Öffentlicher Schlüssel "LyX Release
> >> Manager (Signing LyX tarballs and binaries) <[email protected]>" importiert
> >> gpg: keine ultimativ vertrauenswürdigen Schlüssel gefunden
> >> gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1
> >> gpg: importiert: 1
> >> (open key, no ultimative reliable key found, number of used keys )
> >>
> >> Is this to be expected?
> >> Wolfgang
> >
> > Yes, and you should _not_ use 'sudo' here.
> >
> > Kornel
>
> Thanks, Kornel,
>
> I tried it first without sudo and got
>
> gpg --recv-keys FE66471B43559707AFDAD955DE7A44FAC7FB382D
> gpg: lookup_hashtable failed: Unbekannter Systemfehler
> /unknown system error/
> gpg: trustdb: searching trust record failed: Unbekannter Systemfehler
> gpg: Fehler: Die Vertrauensdatenbank ist fehlerhaft
> /trusting databank erraneous/
> gpg: Sie können versuchen die Vertrauensdatenbank durch folgende Befehle
> wiederherzustellen:
> gpg: cd ~/.gnupg
> gpg: gpg --export-ownertrust > otrust.tmp
> gpg: rm trustdb.gpg
> gpg: gpg --import-ownertrust < otrust.tmp
> gpg: Falls dies nicht funktioniert, sehen Sie bitte im Handbuch nach
> /if not working, check manual
>
> after the wrong sudo I tried again without sudo:
> /~$ gpg --recv-keys FE66471B43559707AFDAD955DE7A44FAC7FB382D
> gpg: Empfangen vom Schlüsselserver fehlgeschlagen: Keine Daten
Maybe some data not readable by you.
> /receiving of keyserver failed: No data
>
> Should I have first canceled my wrong attempt to use sudo, and how would
> I do that?
>
> Wolfgang
> /
I would first check that all data in ~/.gnupg/ belongs to me. And _never_ use
sudo for gpg.
To check if a file 'fxxx' and the signature are in sync:
# gpg --verify fxxx.sig fxxx
To import a public key I would use a gui like e.g. seahorse. Again, not as
root.
Kornel
