[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

.asc signtures missing

Trying to download
Whonix-XFCE-15.0.0.4.9.libvirt.xz.asc but they are missing on sourceforge :frowning:

Thanks for letting me know. It seems to be a broken link on the wiki rather than it being totally unavailable. I just downloaded directly from the sf directory

https://sourceforge.net/projects/whonix-kvm/files/libvirt/15.0.0.4.9/

Please dl it and try again.

cc/ @Patrick I need your help fixing the broken sig links please


EDIT:

It seems we just care about hashing the tarball and just signing these resulting files instead of the archive itself? If tha’s the case then the .asc for the tarball can safely be removed (since it doesn’t exist)?

Or did the prepare relese script break before generating this file?

https://sourceforge.net/projects/whonix-kvm/files/libvirt/15.0.0.4.9/ has no asc file.

No, sign the file directly. This is the main method. This is documented for years:

Hashes and signed hash files is an advanced users only feature.

I have no idea. Check output of prepare_release script.

Hi, in the directory which HulaHoop given us (https://sourceforge.net/projects/whonix-kvm/files/libvirt/15.0.0.4.9/ and I already visited before) there isn’t any Whonix-XFCE-15.0.0.4.9.libvirt.xz.asc.
There is different .asc files. I tried to verify using alls of them, but any worked. Alls returned “BAD signature from “HulaHoop” [unknown]” message.
Witch of the signature files in the above link must be used to verify the Whonix-XFCE-15.0.0.4.9.libvirt.xz image?
Thanks

@erasmo52 I’ve just tried to reproduce your complaint but I receive a GOOD signature from HulaHoop. The situation is not ideal because the main .asc is indeed missing but Users can make do with the signed hash checksums files from now. I feel running the entire build process just for this one step would be a waste. I will try to make sure it doesn’t happen again though.

Why complete rebuild? No need. Just sign the file and upload.

1 Like

I am sorry to bother you again but you didn’t answer my question.
You tell: [quote=“HulaHoop, post:5, topic:8217”]
I receive a GOOD signature from HulaHoop
[/quote], but can you tell me witch signature file you used to verify the libvirt.xz image? Or follow what Patrick_mobile recommended to do, it must be quite simple, finally.
Thanks

1 Like

Fixed. Sorry for the laziness. Have a nice day.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]