forked from linuxboot/heads
-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
please include gpg validation steps #33
Comments
Agreed, especially these days when most keyservers are unreliable at best. FWIW, I can confirm the above fingerprint matches the one I get; the import command I used: |
you can also find my fingerprint on my profile page: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
use of gpg may be evident to many but not to all
here is the return output from validating the key
gpg: assuming signed data in 'sha256sum'
gpg: Signature made vr 05 jan 2024 10:27:14 CET
gpg: using RSA key C7E32619E2F71736F5910BB144CB2D868DD16BDA
gpg: Good signature from "Markus Meissner [email protected]" [unknown]
gpg: aka "Markus Meissner [email protected]" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: CC74 B712 0BFA A36F F428 6872 4C14 49F1 C980 4176
Subkey fingerprint: C7E3 2619 E2F7 1736 F591 0BB1 44CB 2D86 8DD1 6BDA
gpg: no valid OpenPGP data found.
gpg: verify files failed: Unknown system error
Describe the solution you'd like
a single line on how to import the gpg key to validate the sha256sum.sig against sha256sum
Describe alternatives you've considered
use of the Nitrokey documentation also has no sensible documented command how to import the key for Markus
Additional context
https://docs.nitrokey.com/nitropad/ubuntu/firmware-update
The text was updated successfully, but these errors were encountered: