I’ve downloaded 4 times from different sources (xfce ova version), the signature doesn’t match, maybe it got corrupted when uploading the ova, could you please check?
Thank you so much.
I cannot reproduce this.
- Whonix ™ Linux Installer for VirtualBox works for me.
- Manual download and verification also works for me.
Tested:
gpg --verify Whonix-Xfce-17.0.3.0.ova.asc
gpg: assuming signed data in 'Whonix-Xfce-17.0.3.0.ova'
gpg: Signature made Mon 10 Jul 2023 11:23:27 PM UTC
gpg: using RSA key 6E979B28A6F37C43BE30AFA1CB8D50BB77BB3C48
gpg: Good signature from "Patrick Schleizer <adrelanos@kicksecure.com>" [unknown]
gpg: aka "Patrick Schleizer <adrelanos@riseup.net>" [unknown]
gpg: aka "Patrick Schleizer <adrelanos@whonix.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 916B 8D99 C38E AF5E 8ADC 7A2A 8D66 066A 2EEA CCDA
Subkey fingerprint: 6E97 9B28 A6F3 7C43 BE30 AFA1 CB8D 50BB 77BB 3C48
Verified on server and verified after downloading it myself.
I have downloaded the ova again and this time it has matched me. Apparently the previous downloads were downloaded wrong.
Thanks for everything.
2 Likes