It has been (inadvertently) reported on the forums that the hash files have a bug. The first line of code in step 1 does not include the URL to download the key from. It currently shows this:
1. Verify the authenticity of this file by checking that it is signed with our
GPG release key:
$ curl | gpg --import
$ gpg --list-keys --with-fingerprint [email protected]
Following those instructions will result in failure (unless you already have the key in your local keyring). Something like this:
# gpg --verify debian-11-turnkey-wordpress_17.1-1_amd64.tar.gz.hash
gpg: directory '/root/.gnupg' created
gpg: keybox '/root/.gnupg/pubring.kbx' created
gpg: Signature made Mon 14 Nov 2022 01:54:20 PM IST
gpg: using RSA key DD83FEBBE256B92A29FC1B821E487A4631D6FEB6
gpg: Can't check signature: No public key
This is what the hash file should look like:
1. Verify the authenticity of this file by checking that it is signed with our
GPG release key:
$ curl https://raw.githubusercontent.com/turnkeylinux/common/18.x/keys/tkl-bullseye-images.asc | gpg --import
$ gpg --list-keys --with-fingerprint [email protected]
Running the (fixed) code, should give a result such as this:
$ gpg --verify debian-11-turnkey-wordpress_17.1-1_amd64.tar.gz.hash
gpg: Signature made Mon 14 Nov 2022 19:24:20 AEDT
gpg: using RSA key DD83FEBBE256B92A29FC1B821E487A4631D6FEB6
gpg: Good signature from "TurnKey GNU/Linux Bullseye Images (GPG signing key for TurnKey Linux Bullseye Images) " [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: E10F 6567 0C8E BE42 ED0C 3A49 CCA5 1174 468F 9073
Subkey fingerprint: DD83 FEBB E256 B92A 29FC 1B82 1E48 7A46 31D6 FEB6
It has been (inadvertently) reported on the forums that the hash files have a bug. The first line of code in step 1 does not include the URL to download the key from. It currently shows this:
Following those instructions will result in failure (unless you already have the key in your local keyring). Something like this:
This is what the hash file should look like:
Running the (fixed) code, should give a result such as this: