verifying the boot.iso for fedora 15
Todd Zullinger
tmz at pobox.com
Wed Apr 6 01:38:02 UTC 2011
Joel Rees wrote:
> gpg: Signature made Thu 03 Mar 2011 12:34:51 PM JST using RSA key ID 069C8460
> gpg: Good signature from "Fedora (15) <fedora at fedoraproject.org>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg: There is no indication that the signature belongs to the owner.
> Primary key fingerprint: 25DB B54B DED7 0987 F4C1 0042 B4EB F579 069C 8460
>
> but I don't find either the key or the fingerprint at
> https://fedoraproject.org/keys.
I just pushed a fix for this to the fedora-web git repository¹. When
the website syncs next it should be on the /keys page. That is the
proper key and fingerprint (though I don't expect you to just take my
word for that ;).
The key file was already uploaded to the site. You can grab it from
https://fedoraproject.org/static/069C8460.txt or pull all the Fedora
and EPEL keys from https://fedoraproject.org/static/fedora.gpg. A
handy shortcut for getting them is:
curl https://fedoraproject.org/static/fedora.gpg | gpg --import
¹ http://git.fedorahosted.org/git/?p=fedora-web.git;a=commitdiff;h=12f71c9c
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To have a successful relationship, I must learn to make it look like
I'm giving as much as I'm getting.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20110405/333530fd/attachment.bin
More information about the users
mailing list