[systemd-devel] Verify the gpg signature of the given tag
poma
pomidorabelisima at gmail.com
Wed May 11 15:37:22 UTC 2016
On 11.05.2016 10:36, Greg KH wrote:
> On Wed, May 11, 2016 at 09:57:05AM +0200, poma wrote:
>>
>> $ git tag --verify v229
>> object 95adafc428b5b4be0ddd4d43a7b96658390388bc
>> type commit
>> tag v229
>> tagger Lennart Poettering <lennart at poettering.net> 1455208658 +0100
>>
>> systemd 229
>> gpg: Signature made Thu 11 Feb 2016 05:37:38 PM CET using RSA key ID 9C3485B0
>> gpg: Good signature from "Lennart Poettering <lennart at poettering.net>"
>> gpg: aka "Lennart Poettering <lennart at poettering.de>"
>> gpg: aka "Lennart Poettering (Red Hat) <lpoetter at redhat.com>"
>> gpg: aka "Lennart Poettering (Sourceforge.net) <poettering at users.sourceforge.net>"
>> gpg: WARNING: This key is not certified with a trusted signature!
>> gpg: There is no indication that the signature belongs to the owner.
>> Primary key fingerprint: 63CD A1E5 D3FC 22B9 98D2 0DD6 327F 2695 1A01 5CC4
>> Subkey fingerprint: 16B1 C4EE C0BC 021A C777 F681 B63B 2187 9C34 85B0
>>
>>
>> How to do this without "gpg: WARNING:" part?
>
> That's on your end, not the repo's end. I suggest reading up on gpg
> trust models if you wish for this to be able to be resolved on your
> system.
>
> good luck!
>
> greg k-h
>
Hello Greg! :)
Marshall Field - "Give the lady what she wants"
https://en.wikipedia.org/wiki/The_customer_is_always_right
More information about the systemd-devel
mailing list