commit 5eae6b91eccbd0a6b6266401681f3693ee91c2d9 parent 65257849ba8ea8f184c2ccae1bde77b205bfd02c Author: Vincent Forest <vincent.forest@meso-star.com> Date: Mon, 2 Oct 2017 15:59:32 +0200 Small update of the PGP signature section Diffstat:
| M | pgp_signature.html.in | | | 6 | +++--- |
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pgp_signature.html.in b/pgp_signature.html.in @@ -14,8 +14,8 @@ on your system. Then download the archive and its PGP signature and use the signature. <pre class="code"> -$ wget https//www.meso-star.com/downloads/Solstice-${VERSION}-GNU-Linux.tar.gz -$ wget https//www.meso-star.com/downloads/Solstice-${VERSION}-GNU-Linux.tar.gz.sig +$ wget www.meso-star.com/solstice/downloads/Solstice-${VERSION}-GNU-Linux.tar.gz +$ wget www.meso-star.com/solstice/downloads/Solstice-${VERSION}-GNU-Linux.tar.gz.sig $ gpg2 --verify Solstice-${VERSION}-GNU-Linux.tar.gz.sig </pre> @@ -55,7 +55,7 @@ Primary key fingerprint: 20EB E4CF 3D9F 4B9A E55D 5F59 679F 2975 93B2 C8A2 cannot be sure that the key used to sign the archive really belongs to the owner. The best option is to physically meet the actual owner and ask for him about the key validity. More simply, but also less secure, you can review the -list of signatures of the key with <code>gpg --list-sigs</code> and then make a +list of signatures of the key with <code>gpg2 --list-sigs</code> and then make a decision whether you <a href="https://www.gnupg.org/gph/en/manual/x334.html">trust</a> that key or not.</p>