Not a 100% sure if my ISO passed verification; checking just in case

I just want to check if the ISO I’ve just downloaded passed the verification.

I typed trust in gpg and got this:

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

  1 = I don't know or won't say
  2 = I do NOT trust
  3 = I trust marginally
  4 = I trust fully
  5 = I trust ultimately
  m = back to the main menu

Your decision? 4

Then I entered save:

gpg> save
Key not changed so no update needed.

Ran:

gpg --verify EndeavourOS_Atlantis_neo-21_5.iso.sig

Got:

gpg: Good signature from "EndeavourOS <info@endeavouros.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.

The fingerprint from my terminal matches the fingerprint on the website.

So I’m cool?

1 Like

:cool:

1 Like
Good signature from "EndeavourOS <info@endeavouros.com>"

It says only that you do not set your trust level… what fails before by unknown reason

1 Like

@joekamprad

Perhaps a good idea to add a comment on the download page to explain that it is normal to get

gpg: WARNING: This key is not certified with a trusted signature!

unless one has signed the imported key with their own private key?

2022-01-10_17-46

All info is given already.

Right. Sorry for pinging for nothing.

Truth is I have been acting a bit buggy lately. Can’t unfortunately be looking forward to an update either.
The developer seems to have abandoned the project :sweat_smile:

i could share you some BUGS from my :brain: too currently :rofl:

1 Like

Sure, it would still be a major upgrade :rofl:

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.