gpg public key doesnt seems to be working

soimort / translate-shell

:speech_balloon: Command-line translator using Google Translate, Bing Translator, Yandex.Translate, etc.

https://www.soimort.org/translate-shell

The Unlicense

6.83k stars 387 forks source link

gpg public key doesnt seems to be working #504

Closed lk77 closed 8 months ago

lk77 commented 8 months ago

Hello,

Here is what i have :

gpg --verify ./trans.sig
gpg: assuming signed data in './trans'
gpg: Signature made Wed 08 Feb 2023 15:38:43 CET
gpg:                using RSA key 8A9CA65383B671BC995CCEAE07DA00CB78203251
gpg: Can't check signature: No public key

thanks.

soimort commented 8 months ago

You need to first import the Public Key of the distributor (me) before verifying the signature of something you downloaded, otherwise GPG has no knowledge of who the distributor is.

In this case, search for the key ID of mine:

$ gpg --keyserver keyserver.ubuntu.com --search-keys soimort

Then use gpg --keyserver keyserver.ubuntu.com --recv-keys [key_ID] to import it. See [1] on more on this.

[1] https://www.oreilly.com/library/view/linux-security-cookbook/0596003919/ch07s21.html