lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 5 Aug 2020 20:59:24 -0400
From:   David Niklas <Hgntkwis@...mail.net>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     LKML <linux-kernel@...r.kernel.org>
Subject: Is anyone else getting a bad signature from kernel.org's 5.8
 sources+Greg's sign?

Hello,
I downloaded the kernel sources from kernel.org using curl, then
opera, and finally lynx (to rule out an html parsing bug). I did the same
with the sign and I keep getting:

%  gpg2 --verify linux-5.8.tar.sign linux-5.8.tar.xz
gpg: Signature made Mon Aug  3 00:19:13 2020 EDT
gpg:                using RSA key 647F28654894E3BD457199BE38DBBDC86092693E
gpg: BAD signature from "Greg Kroah-Hartman
<gregkh@...uxfoundation.org>" [unknown]

I did refresh all the keys just in case.
I believe this is important so I'm addressing this to the signer and only
CC'ing the list.

If I'm made some simple mistake, feel free to send SIG666 to my terminal.
I did re-read the man page just in case.

Thanks,
David

Powered by blists - more mailing lists