In order to compile a new kernel on my Debian jessie, I am trying to verify the GPG key , following the instruction on the official website.
I have download the the linux-3.18.35.tar.sign
and linux-3.18.35.tar.xz
version and unzip it using unzx
.
To verify the .tar
archive using the command :
gpg --verify linux-3.18.35.tar.sign
I get:
gpg: assuming signed data in `linux-3.18.35.tar'
gpg: Signature made Wed 08 Jun 2016 01:19:29 AM CET using RSA key ID 6092693E
gpg: Can't check signature: public key not found
To get the public key from the PGP keyserver :
#gpg --keyserver hkp://keys.gnupg.net --recv-keys 6092693E
gpg: requesting key 6092693E from hkp server keys.gnupg.net
?: keys.gnupg.net: Host not found
gpgkeys: HTTP fetch error 7: couldn't connect: Connection refused
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
I get a similar problem with the 4.4.13
version too.
I have tried the following answer,
# gpg --keyserver subkeys.pgp.net --recv-keys 6092693E && gpg --export --armor 6092693E | sudo apt-key add -
gpg: requesting key 6092693E from hkp server subkeys.pgp.net
gpg: keyserver timed out
gpg: keyserver receive failed: keyserver error
And:
# gpg --keyserver subkeys.pgp.net:80 --recv-keys 6092693E
gpg: requesting key 6092693E from subkeys.pgp.net:80
gpgkeys: no keyserver host provided
gpg: keyserver internal error
gpg: keyserver receive failed: keyserver error
How to verify the kernel signature correctly?
--keyserver hkp://subkeys.pgp.net:80
do any better? – JigglyNaga Jun 10 '16 at 11:48