Rufe Glick
2014-Jul-08 14:07 UTC
[CentOS] Can't verify gpg signature for the file with hashes for the CentOS 7
Hello there. I've just downloaded the CentOS v7.0 via torrent and am trying to verify the gpg signature for the file with hashes. When I do "gpg --verify sha256sum.txt.asc" I get the key ID of F4A80EB5. Then I'm trying to get the public key with "gpg --keyserver pgp.mit.edu --recv-keys F4A80EB5" command. The gpg returns error of "no valid OpenPGP data found". Does anyone have an idea of why the public key isn't there? Is there another keyserver I should try? The torrent link came from here -- http://goo.gl/YctkmI (The first DVD one) -- Best regards, Rufe
Ulf Volmer
2014-Jul-08 20:45 UTC
[CentOS] Can't verify gpg signature for the file with hashes for the CentOS 7
On 07/08/2014 04:07 PM, Rufe Glick wrote:> Hello there. I've just downloaded the CentOS v7.0 via torrent and am > trying to verify the gpg signature for the file with hashes. When I do > "gpg --verify sha256sum.txt.asc" I get the key ID of F4A80EB5. Then I'm > trying to get the public key with "gpg --keyserver pgp.mit.edu --recv-keys > F4A80EB5" command. The gpg returns error of "no valid OpenPGP data found". > Does anyone have an idea of why the public key isn't there? Is there > another keyserver I should try?Yes, unfortunately the key is not available on the web or in the announcement mail. The only place i found the key was in the downloaded iso: sudo mount -o loop CentOS-7.0-1406-x86_64-DVD.iso /mnt gpg --import /mnt/RPM-GPG-KEY-CentOS-7 regards Ulf