Which version were you trying to verify? Try downloading the files again. I just tested it with 2.3 and got the following: $ gpg --verify ossec-hids-2.3.tar.gz.sig ossec-hids-2.3.tar.gz gpg: Signature made Fri Dec 04 11:01:51 2009 EST using RSA key ID 6B30327E gpg: Good signature from "Daniel B. Cid (Ossec development) <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 86C6 D33B C52E 19BF DDAE 57EB 4E57 14E2 6B30 327E
On Thu, Mar 18, 2010 at 6:02 PM, uifjlh <[email protected]> wrote: > when I try to do the gpg --verify command, I get the following error. > > gpg: verify signatures failed: unexpected data > > I downloaded the OSSEC-GPG-KEY.asc file just as in the online OSSEC > documentation. > > Suggestions? > > TY > > To unsubscribe from this group, send email to > ossec-list+unsubscribegooglegroups.com or reply to this email with the words > "REMOVE ME" as the subject. > To unsubscribe from this group, send email to ossec-list+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
