The check fails, apparently. Am I wrong?
Code: Select all
$ gpg --recv-key A25BAE09
gpg: requesting key A25BAE09 from hkp server keys.gnupg.net
gpg: key A25BAE09: "Linux Mint ISO Signing Key <root@linuxmint.com>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
$ gpg --list-keys --with-fingerprint
/home/alessio/.gnupg/pubring.gpg
--------------------------------
pub 4096R/D38B4796 2016-04-12
Key fingerprint = EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796
uid Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>
sub 4096R/640DB551 2016-04-12 [expires: 2019-04-12]
pub 4096R/A25BAE09 2016-06-07
Key fingerprint = 27DE B156 44C6 B3CF 3BD7 D291 300F 846B A25B AE09
uid Linux Mint ISO Signing Key <root@linuxmint.com>
$ gpg --verify sha256sum.txt.gpg sha256sum.txt
gpg: Signature made Tue 07 Jun 2016 06:46:57 PM CEST using RSA key ID A25BAE09
gpg: Good signature from "Linux Mint ISO Signing Key <root@linuxmint.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 27DE B156 44C6 B3CF 3BD7 D291 300F 846B A25B AE09
$ sha256sum -b linuxmint-18-cinnamon-64bit-beta.iso
8a2d3a3276d36497470156063e02ba894d5b9d562a8edf856dd29ee479eb55c4 *linuxmint-18-cinnamon-64bit-beta.iso
Or should I look for 8a2d3a3276d36497470156063e02ba894d5b9d562a8edf856dd29ee479eb55c4 in the sha256sum.txt file?
There it is listed...