gpg verification issue

Ceaus1 · December 13, 2024, 8:07pm

I’m trying to verify the signature of the checksum file, but I’m running into issues:

koos@rietgors:~/tmp> gpg --import release-key.txt
gpg: key E5665F9BD5970C47: 1 signature not checked due to a missing key
gpg: key E5665F9BD5970C47: public key "Syncthing Release Management <release@syncthing.net>" imported
gpg: Total number processed: 1
gpg:               imported: 1
gpg: no ultimately trusted keys found

koos@rietgors:~/tmp> gpg --verify sha256sum.txt.asc
gpg: Signature made Wed Oct 16 09:53:19 2024 CEST
gpg:                using RSA key 37C84554E7E0A261E4F76E1ED26E6ED000654A3E
gpg: Can't check signature: No public key

Apparently I’m still missing the pubkey. Seems odd, no?

calmh · December 13, 2024, 9:06pm

Ah, that one is only signed by the old key and not the new one. I’ll see to it, thanks for reporting.

system · January 12, 2025, 9:06pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.