"WARNING: This key is not certified with a trusted signature!"

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help
Post Reply
JohnD
Level 1
Level 1
Posts: 2
Joined: Fri Apr 07, 2017 2:42 pm

"WARNING: This key is not certified with a trusted signature!"

Post by JohnD »

N00b here... Yesterday I downloaded the 18.1 KDE ISO and I just decided to verify it before using it. This is what I did:

Code: Select all

Fri Apr 07 20:28:33 $ ls -al
total 1983252
drwxr-xr-x  2 john john       4096 Apr  7 20:22 .
drwxr-xr-x 14 john john       4096 Apr  7 19:12 ..
-rw-r--r--  1 john john 2030829568 Apr  4 21:16 linuxmint-18.1-kde-64bit.iso
-rw-r--r--  1 john john        774 Apr  7 20:21 sha256sum.txt
-rw-r--r--  1 john john        819 Apr  7 20:21 sha256sum.txt.gpg
Fri Apr 07 20:28:42 $ sha256sum -b *.iso
62e144db08600ab0be08bdd8489dfb615c401899af869fa0c29679bc866d9dc5 *linuxmint-18.1-kde-64bit.iso
Fri Apr 07 20:28:55 $ sha256sum --ignore-missing -c sha256sum.txt
linuxmint-18.1-kde-64bit.iso: OK
Fri Apr 07 20:29:10 $ gpg --keyserver keyserver.ubuntu.com --recv-key "27DE B156 44C6 B3CF 3BD7  D291 300F 846B A25B AE09"
gpg: requesting key A25BAE09 from hkp server keyserver.ubuntu.com
gpg: key A25BAE09: "Linux Mint ISO Signing Key <root@linuxmint.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
Fri Apr 07 20:31:02 $ gpg --keyserver keyserver.ubuntu.com --recv-key A25BAE09
gpg: requesting key A25BAE09 from hkp server keyserver.ubuntu.com
gpg: key A25BAE09: "Linux Mint ISO Signing Key <root@linuxmint.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
Fri Apr 07 20:31:16 $ gpg --list-key --with-fingerprint A25BAE09
pub   4096R/A25BAE09 2016-06-07
      Key fingerprint = 27DE B156 44C6 B3CF 3BD7  D291 300F 846B A25B AE09
uid                  Linux Mint ISO Signing Key <root@linuxmint.com>

Fri Apr 07 20:31:24 $ gpg --verify sha256sum.txt.gpg sha256sum.txt
gpg: Signature made Wed 25 Jan 2017 08:06:26 PM CET using RSA key ID A25BAE09
gpg: Good signature from "Linux Mint ISO Signing Key <root@linuxmint.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 27DE B156 44C6 B3CF 3BD7  D291 300F 846B A25B AE09
Fri Apr 07 20:31:33 $ 
That's not what it's supposed to be, right? Did I do something wrong? (I'm a n00b but I've been using computers long enough to always first assume that *I* am at fault... :D )
User avatar
slipstick
Level 6
Level 6
Posts: 1039
Joined: Sun Oct 21, 2012 9:56 pm
Location: Somewhere on the /LL0 scale

Re: "WARNING: This key is not certified with a trusted signature!"

Post by slipstick »

That message can be ignored. The important thing is the "Good signature...." message. The "not certified with a trusted signature..." message just means that you haven't used your own private key to sign the Mint key as trusted. Here's a tutorial on how to verify:

https://fred-barclay.github.io/VerifyLinuxMint/

Note regarding the "ls -al" in the first line of your code - in Mint, this is aliased to "ll" (double small letter L), so you can save some keystrokes by just typing ll instead of ls -al. :)
In theory, theory and practice are the same. In practice, they ain't.
JohnD
Level 1
Level 1
Posts: 2
Joined: Fri Apr 07, 2017 2:42 pm

Re: "WARNING: This key is not certified with a trusted signature!"

Post by JohnD »

Great! Thanks for your reply...
Post Reply

Return to “Newbie Questions”