我一直在尝试验证文件签名,但是只是签名不正确。
我正在使用以下公用密钥:OpenVPN public key并保存到ovpn_pub.asc。
然后我这样做:
gpg --import ovpn_pub.asc
输出:
uid OpenVPN - Security Mailing List <security@openvpn.net>
sig!3 12F5F7B42F2B01E7 2017-02-09 [self-signature]
sig!3 12F5F7B42F2B01E7 2017-02-09 [self-signature]
sub F80E8008F6D9F8D7
sig! 12F5F7B42F2B01E7 2017-02-14 [self-signature]
sub D72AF3448CC2B034
sig! 12F5F7B42F2B01E7 2017-02-09 [self-signature]
sub F132B1CBAF131CAE
sig! 12F5F7B42F2B01E7 2018-03-07 [self-signature]
sub 0A24DFCF907F94CF
sig! 12F5F7B42F2B01E7 2018-03-07 [self-signature]
key 12F5F7B42F2B01E7:
1 duplicate signature removed
21 signatures not checked due to missing keys
gpg: key 12F5F7B42F2B01E7: public key "OpenVPN - Security Mailing List <security@openvpn.net>" imported
gpg: Total number processed: 1
gpg: imported: 1
gpg: no ultimately trusted keys found
所以我按照以下步骤操作:Troubleshooting GnuPG – gpg: no ultimately trusted keys found
现在执行gpg --list-keys就像这样:
pub rsa4096 2017-02-09 [SC] [expires: 2027-02-07]
F554A3687412CFFEBDEFE0A312F5F7B42F2B01E7
uid [ultimate] OpenVPN - Security Mailing List <security@openvpn.net>
但是,执行此命令时:
gpg -v --verify openvpn-install-2.4.7-I603.exe.asc openvpn-install-2.4.7-I603.exe
我得到:
gpg: Signature made Thu Feb 21 21:45:06 2019 CET
gpg: using RSA key 82175D35AA8D0E8BDE5F4F9E5DC351805ACFEAC6
gpg: Can't check signature: No public key
此外,我无法删除导入的公共密钥,因为我一生都无法弄清密钥ID是什么或delkey的工作原理。
如何正确执行此操作?