On Monday 28 July 2008 19:07:31 [EMAIL PROTECTED] wrote:
> On Mon, 28 Jul 2008 16:24:05 +0200 Andreiv <[EMAIL PROTECTED]>
>
> wrote:
> >There is a very weak association between the key id and rkhunter
>
> Apart from publishing the public part of the key, what can you
> recommend?
In text, the recommended verification method -- e.g.
# rkhunter releases are signed by [EMAIL PROTECTED]
# you can verify an original release as follows:
gpg --keyserver subkeys.pgp.net --recv-keys 26447505
gpg --verify rkhunter-*.tar.gz.asc rkhunter-*.tar.gz
# If it says BAD signature, or something other than
# [EMAIL PROTECTED], then STOP
If you can attend a key signing party, you can sort out the trust part too -
but that might make the hushmail a bit pointless :)
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Rkhunter-users mailing list
Rkhunter-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rkhunter-users
