... | ... | @@ -9,7 +9,7 @@ minisign -V -x clamtk-6.11.tar.xz.minisig -p davemminisign.pub -m clamtk-6.11.ta |
|
|
Get the rpm gpg key from here:
|
|
|
https://davem.fedorapeople.org/RPM-GPG-KEY-DaveM-21-June-2018
|
|
|
|
|
|
Check the signature on the .deb file with the *.changes file. Look for "GOODSIG" when you run it:
|
|
|
Once you import the key (typically with `gpg --import RPM-GPG-KEY-DaveM-21-June-2018`), Debian/Ubuntu users can check the signature on the .deb file with the *.changes file. Look for "GOODSIG" when you run it:
|
|
|
```
|
|
|
$ dpkg-sig --verify clamtk_6.11-1_all.deb clamtk_6.11-1_amd64.changes
|
|
|
Processing clamtk_6.11-1_all.deb...
|
... | ... | @@ -19,7 +19,7 @@ Processing ./clamtk_6.11-1_all.deb... |
|
|
GOODSIG _gpgbuilder 5DD47B3B121EE5C354A20305F51D19546ADA59DE 1617971331
|
|
|
```
|
|
|
|
|
|
Import it like this:
|
|
|
For RedHat-based distributions, you can import it like this:
|
|
|
`rpm --import RPM-GPG-KEY-DaveM-21-June-2018`
|
|
|
|
|
|
Check the signature on the rpms like this:
|
... | ... | @@ -30,7 +30,9 @@ clamtk-6.11-1.el8.noarch.rpm: digests signatures OK |
|
|
clamtk-6.11-1.fc33.noarch.rpm: digests signatures OK
|
|
|
```
|
|
|
|
|
|
MD5sum list for 6.11:
|
|
|
No gpg key is necessary for checking the hashes.
|
|
|
|
|
|
Here is the md5sum list for 6.11:
|
|
|
```
|
|
|
36f0bf18b74a2a4c77a9444fb4192e6b clamtk_6.11-1_all.deb
|
|
|
57661f7e0aca72e63e7b06ff46b4d323 clamtk-6.11-1.el7.noarch.rpm
|
... | ... | @@ -41,7 +43,7 @@ c6256e62c8ab5584119269792b22d687 clamtk-6.11.tar.xz.asc |
|
|
0ec5c477ae4965a9d960f79bae2e328f clamtk-6.11.tar.xz.minisig
|
|
|
```
|
|
|
|
|
|
SHA256sum list for 6.11:
|
|
|
Here is the sha256sum list for 6.11:
|
|
|
```
|
|
|
fde2f022874e2ca65de70a64105ae8eeaf0bee3ee7c3e5e14df97ce9d8355375 clamtk_6.11-1_all.deb
|
|
|
7c0c3336de74a23ed67016d78c2e56e15d78ca7a06f50850dd17a2f13177ea8a clamtk-6.11-1.el7.noarch.rpm
|
... | ... | |