Languages

User login
Create new account

Navigation

Recent donations

knife
donated € 20.00

Marco Calegaro
donated € 20.00

mauro patriarca
donated € 20.00

PublicLewdness
donated CAD 5.00

Donate now!

bc1q3t3vxjhd3dmvg3cfn24k4l7n4mf750utpp75hn

Submitted by G4JC on Sun, 11/09/2014 - 00:55

Verify Trisquel Download

Trisquel Signing Keys

pub dsa1024 2007-01-14 [SC] E6C27099CA21965B734AEA31B4EFB9F38D8AEBF1 uid [ unknown] Trisquel GNU/Linux (Trisquel GNU/Linux signing key) <name at domain> sub elg2048 2007-01-14 [E]


pub   rsa4096 2017-01-07 [SC]

      60364C9869F92450421F0C22B138CA450C05112F

uid           [ unknown] Trisquel GNU/Linux <name at domain>

sub   rsa4096 2017-01-07 [E]

pub rsa4096 2022-10-19 [SC] D24DDAC9226D5BA5E9F3BED3F5DAAAF74AD4C938 uid [ unknown] Trisquel GNU/Linux Archive Automatic Signing Key (11/aramo) <name at domain>

This wiki assumes you already have GPG and wget installed on your computer.

Otherwise, to install GPG and wget, open your Terminal and run:

sudo apt install wget gnupg

Verification For Existing Users

If you're already running Trisquel then you already have the GPG key to verify downloads, which was installed at the system level.

First download Trisquel as you normally would. Make sure to download both the .iso and the corresponding GPG signature, ending in .asc.

Verify the file, such as a command like this. This command uses the existing keys that are already installed and trusted by your system to verify the download:

gpg --no-default-keyring --keyring /usr/share/keyrings/trisquel-archive-keyring.gpg --verify trisquel-netinst_11.0.1_amd64.iso.asc trisquel-netinst_11.0.1_amd64.iso

Verification For New Users

New users don't have the benefit of having already-trusted keys.

First download the keys:

wget https://archive.trisquel.info/trisquel/trisquel-archive-signkey.gpg

Then import the keys into GPG:

gpg --import trisquel-archive-signkey.gpg

Verify the file, such as a command like this. This command uses the keys you've just imported to verify the download:

gpg --verify trisquel-netinst_11.0.1_amd64.iso.asc trisquel-netinst_11.0.1_amd64.iso

Check Exit Status

In both cases of new and existing users, instead of looking for a "good signature" or "bad signature" response, which might be included as something as a part of key comment to trick people, check GPG's exit status:

echo $?

An exit status of 0 indicates success, while any other indicates a failure.