Hi, sorry to use this contact address, was not sure where else to direct this. The procedure in this page has one significant stumbling point - the *-CHECKSUM file is a gzipped file - at least when it is downloaded using wget. ( I have tested it with https://fedoraproject.org/static/checksums/Fedora-12-i386-CHECKSUM ) Obviously it needs to unzipped - which is not quickly obvious for a bunch of reasons, eg it has no ".gz" suffix and many editors/viewers will unzip it automatically so the unsuspecting user is left scratching his head why it doesnt work when the file looks perfectly ok when viewed with "less" The result are rather cryptic error messages like # gpg --verify *-CHECKSUM gpg: no valid OpenPGP data found. gpg: the signature could not be verified. Please remember that the signature file (.sig or .asc) should be the first file given on the command line. Regards Richard -- Fedora-websites-list mailing list Fedora-websites-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-websites-list