When I try and post my issue below, the forum site says:
Sorry, new users can only put 2 links in a post.
I am not trying to put any links in the post, but the links in the text below are recognized as such, so I have to try and edit the links so they are not links. I tried to quote things but that didnt help.
I am replacing https:// with lala- but this did not help either. Really frustrating when one cant ask a question because the site limits them.
Anyways I will try editing things until I can post…
[Verify checksum signature] - Another post in this forum whose link I had to chop out.
I would like to verify the iso.
But I am getting stuck.
So far what I have done is:
Download the iso file: Rocky-8.4-x86_64-dvd1.iso
Download the CHECKSUM file
Put them in a separate folder
> gpg2 --keyserver lala-//keys.openpgp.org --locate-keys 'firstname.lastname@example.org'
Which gives me:
gpg: key AA650F52D6C094FA: public key “Core Infrastructure email@example.com” imported
gpg: Total number processed: 1
gpg: imported: 1
pub ed25519 2021-05-17 [SC] [expires: 2023-05-17]
uid [ unknown] Core Infrastructure firstname.lastname@example.org
sub cv25519 2021-05-17 [E] [expires: 2023-05-17]
The next step is not documented (I cant find this in the forum nor the Download instructions) but I thought it should be:
gpg --verify CHECKSUM
But this gives me the error:
gpg: no valid OpenPGP data found.
gpg: the signature could not be verified.
Please remember that the signature file (.sig or .asc)
should be the first file given on the command line.
What should be the next steps to completely verify a download?
Thanks ahead of time…