RE: Unable to verify
Hi, The MD5 file you can download from another mirror if you're concerned that it was messed up along with the distro. As for not finding my key (I signed these distros) -- let me check up on that and make sure my key is up on the pgpkeys.mit.edu server, and get back to you. Yoav Shapira http://www.yoavshapira.com >-Original Message- >From: Peter Fogg [mailto:[EMAIL PROTECTED] >Sent: Tuesday, October 12, 2004 10:25 PM >To: Tomcat Users List >Subject: Unable to verify > >The following files were downloaded from the Apache Jakarta Site: > >jakarta-tomcat-5.0.28.tar.gz >jakarta-tomcat-5.0.28.tar.gz.asc >jakarta-tomcat-5.0.28.tar.gz.md5 > >Attempted to verify the distribution before installing it: > >$ gpg --verify jakarta-tomcat-5.0.28.tar.gz.asc >jakarta-tomcat-5.0.28.tar.gz >gpg: Signature made Sat Aug 28 18:02:16 2004 PDT using DSA key ID >7C037D42 >gpg: Can't check signature: public key not found > >$ gpg --keyserver pgpkeys.mit.edu --recv-keys 7C037D42 >gpg: no valid OpenPGP data found. >gpg: Total number processed: 0 > >$ >. >. >. > >I have tried numerous keyservers with the same result. What am I doing >wrong? > >Peter - This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Unable to verify
Thanks for the response. I'm new to this business of verifying files and I read somewhere recently that it is not safe to use a .md5 file from the same server from which I get the distribution file. The reason given was that the .md5 file may also have been hacked along with the distribution file. That's why I was going the .asc route. Peter - On Oct 12, 2004, at 9:14 PM, Jacob Kjome wrote: It verifies just fine against the .md5 file using Ant's task. Jake At 07:24 PM 10/12/2004 -0700, you wrote: >The following files were downloaded from the Apache Jakarta Site: > >jakarta-tomcat-5.0.28.tar.gz >jakarta-tomcat-5.0.28.tar.gz.asc >jakarta-tomcat-5.0.28.tar.gz.md5 > >Attempted to verify the distribution before installing it: > >$ gpg --verify jakarta-tomcat-5.0.28.tar.gz.asc >jakarta-tomcat-5.0.28.tar.gz >gpg: Signature made Sat Aug 28 18:02:16 2004 PDT using DSA key ID >7C037D42 >gpg: Can't check signature: public key not found > >$ gpg --keyserver pgpkeys.mit.edu --recv-keys 7C037D42 >gpg: no valid OpenPGP data found. >gpg: Total number processed: 0 > >$ >. >. >. > >I have tried numerous keyservers with the same result. What am I doing >wrong? > >Peter - > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Unable to verify
It verifies just fine against the .md5 file using Ant's task. Jake At 07:24 PM 10/12/2004 -0700, you wrote: >The following files were downloaded from the Apache Jakarta Site: > >jakarta-tomcat-5.0.28.tar.gz >jakarta-tomcat-5.0.28.tar.gz.asc >jakarta-tomcat-5.0.28.tar.gz.md5 > >Attempted to verify the distribution before installing it: > >$ gpg --verify jakarta-tomcat-5.0.28.tar.gz.asc >jakarta-tomcat-5.0.28.tar.gz >gpg: Signature made Sat Aug 28 18:02:16 2004 PDT using DSA key ID >7C037D42 >gpg: Can't check signature: public key not found > >$ gpg --keyserver pgpkeys.mit.edu --recv-keys 7C037D42 >gpg: no valid OpenPGP data found. >gpg: Total number processed: 0 > >$ >. >. >. > >I have tried numerous keyservers with the same result. What am I doing >wrong? > >Peter - > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Unable to verify
The following files were downloaded from the Apache Jakarta Site: jakarta-tomcat-5.0.28.tar.gz jakarta-tomcat-5.0.28.tar.gz.asc jakarta-tomcat-5.0.28.tar.gz.md5 Attempted to verify the distribution before installing it: $ gpg --verify jakarta-tomcat-5.0.28.tar.gz.asc jakarta-tomcat-5.0.28.tar.gz gpg: Signature made Sat Aug 28 18:02:16 2004 PDT using DSA key ID 7C037D42 gpg: Can't check signature: public key not found $ gpg --keyserver pgpkeys.mit.edu --recv-keys 7C037D42 gpg: no valid OpenPGP data found. gpg: Total number processed: 0 $ . . . I have tried numerous keyservers with the same result. What am I doing wrong? Peter -
