Authenticity Check results?? SOLVED

Questions about Grub, UEFI,the liveCD and the installer
Forum rules
Before you post please read how to get help
Post Reply
wind_rose_2
Level 2
Level 2
Posts: 55
Joined: Sun Nov 12, 2017 12:32 am

Authenticity Check results?? SOLVED

Post by wind_rose_2 » Fri Sep 20, 2019 11:30 am

Having verified my burned copy l have proceeded to do an authenticity check as directed and this is the result..

dave@linuxmint18 ~/ISO $ gpg --verify sha256sum.txt.gpg sha256sum.txt
gpg: Signature made Mon 29 Jul 2019 12:43:47 PM EDT using RSA key ID A25BAE09
gpg: Good signature from "Linux Mint ISO Signing Key <root@linuxmint.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 27DE B156 44C6 B3CF 3BD7 D291 300F 846B A25B AE09
dave@linuxmint18 ~/ISO $

My concern is the WARNING...the numbers do match however is this a typical reply?
Last edited by wind_rose_2 on Fri Sep 20, 2019 1:06 pm, edited 1 time in total.

User avatar
Larry78723
Level 7
Level 7
Posts: 1557
Joined: Wed Jan 09, 2019 7:01 pm
Location: Jasper County, SC, USA

Re: Authenticity Check results??

Post by Larry78723 » Fri Sep 20, 2019 11:42 am

Don't worry about it. You verified the sha256sum in your previous thread.
Image

wind_rose_2
Level 2
Level 2
Posts: 55
Joined: Sun Nov 12, 2017 12:32 am

Re: Authenticity Check results??

Post by wind_rose_2 » Fri Sep 20, 2019 1:05 pm

Larry78723 wrote:
Fri Sep 20, 2019 11:42 am
Don't worry about it. You verified the sha256sum in your previous thread.
Easy for you to say....it just sounded rather ominous !
Thanks

User avatar
pbear
Level 8
Level 8
Posts: 2457
Joined: Wed Jun 21, 2017 12:25 pm
Location: San Francisco

Re: Authenticity Check results??

Post by pbear » Fri Sep 20, 2019 1:06 pm

Larry, the GPG check does a different thing from the checksum. That's why there are two steps to the process.

wind_rose_2, you're fine. The "Good signature" result is what matters. The next two lines are advanced features of GPG not needed for this purpose. From the Mint verification page, "Note: Unless you trusted this signature in the past, or a signature which trusted it, GPG should warn you that the signature is not trusted. This is expected and perfectly normal."
Time flies like an arrow. Fruit flies like a banana.
If your problem has been solved, please edit the thread title.

Post Reply

Return to “Installation & Boot”