GPGで署名確認

Home » メモ帳 » Linux » GPGで署名確認
Linux コメントはまだありません

GPG署名(拡張子.sig)を検証する。

まずは検証したいファイルのダウンロード。(テスト対象は clamav)

$ wget http://jaist.dl.sourceforge.net/sourceforge/clamav/clamav-0.87.1.tar.gz
$ wget http://jaist.dl.sourceforge.net/sourceforge/clamav/clamav-0.87.1.tar.gz.sig
$ gpg –verify clamav-0.87.1.tar.gz.sig
gpg: failed to create temporary file `/home/$USER/.gnupg/.#lk0xb7ef0188.lachesis.pooh.gr.jp.10901′: No such file or directory
gpg: keyblock resource `/home/$USER/.gnupg/pubring.gpg’: general error
gpg: Signature made Fri Nov 4 06:05:06 2005 JST using DSA key ID 985A444B
gpg: Can’t check signature: public key not found

…うまくいかね。

$ ls -l /home/$USER/.gnupg
ls: /home/$USER/.gnupg: No such file or directory

…そもそも論、”.gnupg”ディレクトリがねーし?

$mkdir /home/$USER/.gnupg/
$ chmod 700 /home/$USER/.gnupg/

…ないものは作ればいい。鍵おくところだから、700にしとく。

$ gpg –verify clamav-0.87.1.tar.gz.sig
gpg: keyring `/home/$USER/.gnupg/pubring.gpg’ created
gpg: Signature made Fri Nov 4 06:05:06 2005 JST using DSA key ID 985A444B
gpg: Can’t check signature: public key not found

…もっかいチャレンジ。。。やっぱだめぽ。

…やっぱり自分で公開鍵を持ってこないとだめぽ。
 ”key ID 985A444B”をゲットしてみる。

$ gpg –recv-keys 985A444B
gpg: keyring `/home/$USER/.gnupg/secring.gpg’ created
gpg: no keyserver known (use option –keyserver)
gpg: keyserver receive failed: bad URI/td>

…鍵サーバーも指定せなあかんらしい。JPNIC(pgp.nic.ad.jp)指定しとこ。

$ gpg –keyserver pgp.nic.ad.jp –recv-keys 985A444B
gpg: /home/$USER/.gnupg/trustdb.gpg: trustdb created
gpg: key 985A444B: public key “Tomasz Kojm <tkojm@clamav.net>” imported
gpg: Total number processed: 1
gpg: imported: 1

…公開鍵げと。

$ gpg –verify clamav-0.87.1.tar.gz.sig gpg: Signature made Fri Nov 4 06:05:06 2005 JST using DSA key ID 985A444B
gpg: Good signature from “Tomasz Kojm <tkojm@clamav.net>”
gpg: aka “Tomasz Kojm <tk@lodz.tpnet.pl>”
gpg: aka “Tomasz Kojm <zolw@konarski.edu.pl>”
gpg: checking the trustdb
gpg: no ultimately trusted keys found
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 0DCA 5A08 407D 5288 279D B434 5482 2DC8 985A 444B

…こんぐらっちゅれーしょん。