how to verify the validity of the binary using the public key?

10

1

I want to install Cygwin-64 ,when i go to download page ,some information tells me: Run setup-x86_64.exe any time you want to update or install a Cygwin package for 64-bit windows. The signature for setup-x86_64.exe can be used to verify the validity of this binary using this public key.

Installing and Updating Cygwin Packages

How can i verify the validity of this binary using this public key?How to write the command in cmd ?

it_is_a_literature

Posted 2014-06-25T06:39:24.677

Reputation: 373

Answers

3

First, import the key with:

gpg --import pubring.asc
gpg --list-keys

Now you can verify this signature against your list of public keys:

gpg --verify setup-x86_64.exe.sig setup-x86_64.exe

elsamuko

Posted 2014-06-25T06:39:24.677

Reputation: 81

7please explain thte answer and what the commands do – Fazer87 – 2014-06-25T09:35:42.727

How do you verify the validity of pubring.asc found here?

– Tino – 2015-12-05T12:02:38.307

You can alternatively import the public key with gpg --recv-keys 0xa9a262ff676041ba. The public key can be found e.g. here.

– elsamuko – 2015-12-06T13:24:58.533

what if I do not have gpg yet? I've found that it is a "chicken and egg problem": https://cygwin.com/ml/cygwin/2009-05/msg00587.html

– Andrzej Martyna – 2018-03-27T20:14:45.893

Asked: 2014-06-25T06:39:24.677

Viewed: 5 121 times

Active: 2019-06-04T06:54:44.917