linux-3.11.4.tar.sign 和linux-3.11.4.tar.xz
这两个文件怎么用呢?
类似MD5校验,第一个文件是一个文本文件,第二个文件是内核文件,现在需要用linux-3.11.4.tar.xz生成linux-3.11.4.tar,并计算linux-3.11.4.tar的校验值是否与linux-3.11.4.tar.sign相等。
第一,下载并解压.xz:
wget https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.11.4.tar.sign
wget https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.11.4.tar.xz
xz -d linux-3.11.4.tar.xz
Key ID 0x517D0F0E
执行命令:gpg --keyserver wwwkeys.pgp.net --recv-keys0x517D0F0E
[root@VM-196src]#gpg --keyserver wwwkeys.pgp.net --recv-keys 0x517D0F0E
gpg: requesting key 517D0F0E from hkpserver wwwkeys.pgp.net
gpg: key 517D0F0E: public key "LinuxKernel Archives Verification Key " imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
[root@VM-196 src]#
第三步,验证:
gpg --verify linux-3.11.4.tar.sign linux-3.11.4.tar
验证成功如下:
[root@VM-196 src]# gpg --verifylinux-3.11.4.tar.sign linux-3.11.4.tar
gpg: Signature made Sat 05 Oct 201310:18:29 PM CST using RSA key ID 6092693E
gpg: Good signature from "GregKroah-Hartman (Linux kernel stable release signing key)"
gpg: WARNING: This key is not certifiedwith a trusted signature!
gpg: There is no indication that thesignature belongs to the owner.
Primary key fingerprint: 647F 2865 4894E3BD 4571 99BE 38DB BDC8 6092 693E [root@VM-196src]#