Re: Invalid Public Key File

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Sat, 14 Jan 2023 at 09:13, Jeff Mericle
<jeffmericle@xxxxxxxxxxxxxxxxx> wrote:
> I recently downloaded openssh-8.9pl.tar.gz, openssh-8.9pl.tar.gz, and DJM-GPG-KEY.asc.  I discovered that DJM-GPG-KEY.asc [...]
> I thought you might like to know this in order to place the proper public signature file with the distros.

It's there, it's just in the next directory up (since it's also used
to sign the OpenBSD-specific files which are in that directory).

This is described on the OpenSSH Portable download page
(https://www.openssh.com/portable.html):

"""
The following files describe the development efforts of the OpenSSH
portability development team. The release files are signed with the
PGP public key contained in the file RELEASE_KEY.asc on the ftp site.
This key is also available through the key server network and has a
fingerprint of 7168B983815A5EEF59A4ADFD2A3F414E736060BA.
"""

and release notes (https://www.openssh.com/releasenotes.html):

"""
The PGP key used to sign the releases is available from the mirror sites:
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc
"""

-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux