View Single Post
Old 12th July 2014
cravuhaw2C cravuhaw2C is offline
Port Guard
 
Join Date: Jul 2014
Posts: 45
Default

Quote:
Originally Posted by jggimi View Post
The SHA256.sig file is available for your architecture from your nearby mirror, at http://<your.nearby.mirror>/pub/OpenBSD/5.5/<your.architecture>. It is not included on the ISO images.
Yes, I did download that plus SHA256 file.

What I need also is the signing key belonging to the person(s) who sign(s) the ISO images.

In Debian and its variants, one imports the signing key by issuing the following command:

gpg --keyserver x-hkp://pool.sks-keyservers.net --recv-keys 0x21C031063EAB569

After importing the signing key, one issues the following command:

gpg --verify SHA256.sig

In Microsoft Windows OS, we first install the free and open-source gpg4win. Next, we retrieve the signing key from pgp.mit.edu. The signing key has a file extension of asc

We launch a command prompt, navigate to the folder/directory where the ISO image, SHA256 and SHA256.sig are located and issue the following command:

H:\>gpg --verify SHA256.sig SHA256
Reply With Quote