[ossec-list] Re: Silly problem

[David Williams <davewill@xxxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mark,
	The signature may be gzipped.  Check:
file ossec-hids-1.2.tar.gz.sig
if it reports gzip compressed data you will need to rename
ossec-hids-1.2.tar.gz.sig to ossec-hids-1.2.tar.gz.sig.gz, gunzip it
(gunzip will be happier with the .gz extension), then run
gpg --verify  ossec-hids-1.2.tar.gz.sig and it should be happy.
	-David

Mark Roggenkamp wrote:
> Surely I'm doing something silly here but I can't get the sig for
> http://www.ossec.net/files/ossec-hids-1.2.tar.gz to verify. I'm using
> http://www.ossec.net/files/ossec-hids-1.2.tar.gz.sig.
> 
> The windows agent seems to verify fine.
> 
> I'm doing gpg --verify ossec-hids-1.2.tar.gz.sig ossec-hids-1.2.tar.gz
> 
> and it says:
> 
> gpg: no valid OpenPGP data found.
> gpg: the signature could not be verified.
> Please remember that the signature file (.sig or .asc)
> should be the first file given on the command line.
> 
> Any idea what I may be doing wrong?
> 
> Best Regards,
> Mark

- --
_______________________________________________
GPG (http://www.gnupg.org/) key available from:
http://www.kayakero.net/per/david/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGipn+CzuSgviBh00RAt+aAJ9pGsQhZOi3E4i3e23b+v5BT1JRKQCfQVD7
D8bobjUrhR2XnR2MazHoC3c=
=oppQ
-----END PGP SIGNATURE-----