Topic: v4.0 Wasabi Backend, the old clients mandatory update. (Read 168 times)
Thank you all for confirming what a new user should see upon install. Yes zkSNACKs pgp key was not added before pgp verification of download - thank you for pointing that out.
Generates the ouput:
gpg: Signature made Wed 05 Aug 2020 05:00:01 PM HKT
gpg: using RSA key 6FB3872B5D42292F59920797856348328949861E
gpg: Good signature from "zkSNACKs <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6FB3 872B 5D42 292F 5992 0797 8563 4832 8949 861E
for clarification: gpg says figerprint is correct for wasabi deb but the fingerprint is not certified as trusted ? Is this what users should expect from gpg verification before install?
gpg: Signature made Wed 05 Aug 2020 05:00:01 PM HKT
gpg: using RSA key 6FB3872B5D42292F59920797856348328949861E
gpg: Good signature from "zkSNACKs <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6FB3 872B 5D42 292F 5992 0797 8563 4832 8949 861E
for clarification: gpg says figerprint is correct for wasabi deb but the fingerprint is not certified as trusted ? Is this what users should expect from gpg verification before install?
Yes, that's the expected output.
The warning appears because you do not trust the key yourself yet. The important part is the bold line.
When using the correct key, that's all you need to look for.
Hi,
Download .deb and Signature - wasabiwallet.io
Get pgp key from this public page:
https://docs.wasabiwallet.io/using-wasabi/InstallPackage.html#debian-and-ubuntu
Verify that the fingerprint is 6FB3872B5D42292F59920797856348328949861E
$ sudo gpg --keyserver pgp.mit.edu --recv-keys 6FB3872B5D42292F59920797856348328949861E
That should confirm key belongs to gpg: key 856348328949861E: public key "zkSNACKs <[email protected]>
$ sudo gpg --verify Wasabi-1.1.12.deb.SIGNATURE.asc Wasabi-1.1.12.deb
Where the two input files are the Wasabi package downloaded and associate Signature.asc
Generates the ouput:
gpg: Signature made Wed 05 Aug 2020 05:00:01 PM HKT
gpg: using RSA key 6FB3872B5D42292F59920797856348328949861E
gpg: Good signature from "zkSNACKs <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6FB3 872B 5D42 292F 5992 0797 8563 4832 8949 861E
for clarification: gpg says figerprint is correct for wasabi deb but the fingerprint is not certified as trusted ? Is this what users should expect from gpg verification before install?
https://imgur.com/a/oEOxTC0
Download .deb and Signature - wasabiwallet.io
Get pgp key from this public page:
https://docs.wasabiwallet.io/using-wasabi/InstallPackage.html#debian-and-ubuntu
Verify that the fingerprint is 6FB3872B5D42292F59920797856348328949861E
$ sudo gpg --keyserver pgp.mit.edu --recv-keys 6FB3872B5D42292F59920797856348328949861E
That should confirm key belongs to gpg: key 856348328949861E: public key "zkSNACKs <[email protected]>
$ sudo gpg --verify Wasabi-1.1.12.deb.SIGNATURE.asc Wasabi-1.1.12.deb
Where the two input files are the Wasabi package downloaded and associate Signature.asc
Generates the ouput:
gpg: Signature made Wed 05 Aug 2020 05:00:01 PM HKT
gpg: using RSA key 6FB3872B5D42292F59920797856348328949861E
gpg: Good signature from "zkSNACKs <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6FB3 872B 5D42 292F 5992 0797 8563 4832 8949 861E
for clarification: gpg says figerprint is correct for wasabi deb but the fingerprint is not certified as trusted ? Is this what users should expect from gpg verification before install?
https://imgur.com/a/oEOxTC0
.
Jump to: