Page 1 of 1

"WARNING: This key is not certified with a trusted signature!"

Posted: Fri Apr 07, 2017 3:05 pm
by JohnD
N00b here... Yesterday I downloaded the 18.1 KDE ISO and I just decided to verify it before using it. This is what I did:

Code: Select all

Fri Apr 07 20:28:33 $ ls -al
total 1983252
drwxr-xr-x  2 john john       4096 Apr  7 20:22 .
drwxr-xr-x 14 john john       4096 Apr  7 19:12 ..
-rw-r--r--  1 john john 2030829568 Apr  4 21:16 linuxmint-18.1-kde-64bit.iso
-rw-r--r--  1 john john        774 Apr  7 20:21 sha256sum.txt
-rw-r--r--  1 john john        819 Apr  7 20:21 sha256sum.txt.gpg
Fri Apr 07 20:28:42 $ sha256sum -b *.iso
62e144db08600ab0be08bdd8489dfb615c401899af869fa0c29679bc866d9dc5 *linuxmint-18.1-kde-64bit.iso
Fri Apr 07 20:28:55 $ sha256sum --ignore-missing -c sha256sum.txt
linuxmint-18.1-kde-64bit.iso: OK
Fri Apr 07 20:29:10 $ gpg --keyserver keyserver.ubuntu.com --recv-key "27DE B156 44C6 B3CF 3BD7  D291 300F 846B A25B AE09"
gpg: requesting key A25BAE09 from hkp server keyserver.ubuntu.com
gpg: key A25BAE09: "Linux Mint ISO Signing Key <root@linuxmint.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
Fri Apr 07 20:31:02 $ gpg --keyserver keyserver.ubuntu.com --recv-key A25BAE09
gpg: requesting key A25BAE09 from hkp server keyserver.ubuntu.com
gpg: key A25BAE09: "Linux Mint ISO Signing Key <root@linuxmint.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
Fri Apr 07 20:31:16 $ gpg --list-key --with-fingerprint A25BAE09
pub   4096R/A25BAE09 2016-06-07
      Key fingerprint = 27DE B156 44C6 B3CF 3BD7  D291 300F 846B A25B AE09
uid                  Linux Mint ISO Signing Key <root@linuxmint.com>

Fri Apr 07 20:31:24 $ gpg --verify sha256sum.txt.gpg sha256sum.txt
gpg: Signature made Wed 25 Jan 2017 08:06:26 PM CET using RSA key ID A25BAE09
gpg: Good signature from "Linux Mint ISO Signing Key <root@linuxmint.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 27DE B156 44C6 B3CF 3BD7  D291 300F 846B A25B AE09
Fri Apr 07 20:31:33 $ 
That's not what it's supposed to be, right? Did I do something wrong? (I'm a n00b but I've been using computers long enough to always first assume that *I* am at fault... :D )

Re: "WARNING: This key is not certified with a trusted signature!"

Posted: Fri Apr 07, 2017 5:42 pm
by slipstick
That message can be ignored. The important thing is the "Good signature...." message. The "not certified with a trusted signature..." message just means that you haven't used your own private key to sign the Mint key as trusted. Here's a tutorial on how to verify:

https://fred-barclay.github.io/VerifyLinuxMint/

Note regarding the "ls -al" in the first line of your code - in Mint, this is aliased to "ll" (double small letter L), so you can save some keystrokes by just typing ll instead of ls -al. :)

Re: "WARNING: This key is not certified with a trusted signature!"

Posted: Sat Apr 08, 2017 2:33 am
by JohnD
Great! Thanks for your reply...