You must log in or register to comment.
for some reasons, I can’t verify the signature of the files.
I downloaded tail-signing.key from https://tails.net/tails-signing.key
then made a keyring file.
ran gpgv --keyring ./tails.keyring tails-amd64-6.4.img.sig tails-amd64-6.4.img
it gave me error saying using EDDSA key 26D26… Can’t check signature: No public key.
I even tried using the same keyring for 6.3 and it was fine. Only for this version I;m having trouble.
Anyone would please confirm the SHA256SUM if you could verify the signature?
My steps which worked:
gpg --no-default-keyring --keyring ~/tmp/trustedkeys.gpg --fingerprint gpg --no-default-keyring --keyring ~/tmp/trustedkeys.gpg --import ~/tmp/tails-signing.key gpg --no-default-keyring --keyring ~/tmp/trustedkeys.gpg --verify tails-amd64-6.4.img.sig
Checksums:
sha256sum tails-amd64-6.4.img tails-amd64-6.4.img.sig ~/tmp/tails-signing.key f8c36fad61a7f8c0fce45202369f85499a1c90f1bc7e5e5b320f2de1c3fa4e8d tails-amd64-6.4.img bbdd3df622d04f93b40070cd34ba423f7aeb1a7705d65b9da9cc598fc7d8e848 tails-amd64-6.4.img.sig 73c2e478295be78d625220cd6cf7035caeab0a9c48379305ec86e83d43add953 ~/tmp/tails-signing.key
Some Linux distros you can right click the file and there is an option to auto verify the key is correct. Linux mint is one. Use a live USB.