Edit: I should probably first say that I don't know much about what I am looking at here. I will learn more about that later once I start studying my cyber security books. I really just want to know if the output that I am getting is ok for me to continue with the installation process. I would hate to install some system that some jerk modified for some malicious reason.
I am wanting to install the recommended gnome stage 3. The instructions say that I should see output similar to this:
gpg: Signature made Sun 25 Dec 2016 03:57:27 PM MST using RSA key ID 613539CB
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 4 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1 valid: 4 signed: 0 trust: 3-, 1q, 0n, 0m, 0f, 0u
gpg: Good signature from "Daniel Robbins (metro:odroid-xu4) <drobbins@funtoo.org>" [full]
But instead, I am receiving this output:
gpg: Signature made Wed Nov 24 19:33:44 2021 UTC
gpg: using RSA key 30737D12308C9D0C882FC34B57CB0A121BAECB2E
gpg: Good signature from "Daniel Robbins (metro:node) <drobbins@funtoo.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 70AC BB6B FEE7 BC57 2A89 41D1 9266 C4FA 11FD 00FD
Subkey fingerprint: 3073 7D12 308C 9D0C 882F C34B 57CB 0A12 1BAE CB2E
I made sure to do the best I could at following the instructions for trusting last 8 digits of the BDFL fingerprint, and using gpg --recv-key command for the last 8 digits of the build server's primary key fingerprint. But then when I follow the next instruction: "gpg --verify stage3-latest.tar.xz.gpg stage3-latest.tar.xz" the above output is what I get. I use the actual file names, not a copy and paste of the text "stage3-latest.tar.xz.gpg stage3-latest.tar.xz" from the instruction.
I installed the Cinnamon desktop the other day, and I don't remember having this issue, if it is an issue. If it's not an issue, then I will just continue with the install process. If it is an issue, then this is the skylake stage 3 package for gnome.
Edited by dartomic 1st time: To maybe narrow down what my problem may be, if there is a problem. | 2nd time: spelling correction.
Question
dartomic
Edit: I should probably first say that I don't know much about what I am looking at here. I will learn more about that later once I start studying my cyber security books. I really just want to know if the output that I am getting is ok for me to continue with the installation process. I would hate to install some system that some jerk modified for some malicious reason.
I am wanting to install the recommended gnome stage 3. The instructions say that I should see output similar to this:
But instead, I am receiving this output:
I made sure to do the best I could at following the instructions for trusting last 8 digits of the BDFL fingerprint, and using gpg --recv-key command for the last 8 digits of the build server's primary key fingerprint. But then when I follow the next instruction: "gpg --verify stage3-latest.tar.xz.gpg stage3-latest.tar.xz" the above output is what I get. I use the actual file names, not a copy and paste of the text "stage3-latest.tar.xz.gpg stage3-latest.tar.xz" from the instruction.
I installed the Cinnamon desktop the other day, and I don't remember having this issue, if it is an issue. If it's not an issue, then I will just continue with the install process. If it is an issue, then this is the skylake stage 3 package for gnome.
1st time: To maybe narrow down what my problem may be, if there is a problem. | 2nd time: spelling correction.
Link to comment
Share on other sites
2 answers to this question
Recommended Posts