Pages

Welcome to My Blog

This is to share my IT experience with friends all around the world.
I have been working in Linux Fedora Systems for more than 8 years. Its fun to share knowledge and learn..
As everyone knows when a problem arises in your systems "googling" is the way that many depend on..

All the posts here are my working experiences during my working life.. So you can count on it..

I have added the references where I got help in solving IT issues


Sunday, August 23, 2020

Verifying BIND releases with isc.org pgpkeys

 When it is required to verify latest releases of bind name server applications, it is required to download the isc.org latest pgp keys from https://ftp.isc.org/isc/pgpkeys/


Then follow the given procedure to verify the integrity of an ISC download using PGP.

 

1. Download the pgp key from the above given location and name the key file as 'KEYS' (Or whatever you want)

2. Download the tar.gz and Signatures file as required

3. Change the directory to the location where all public key, signature key file and tar.gz files are stored.

4. Import the public key using the PGP or GPG import option, e.g.:  gpg --import KEYS

 - Here 'KEYS' is the file which contains the public key downloaded from the key repository 

gpg --import KEYS
gpg: key 4CBB3D38: "Internet Systems Consortium, Inc. (Signing key, 2019-2020) <codesign@isc.org>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

 

5.   Check the integrity with gpg --verify command 

Ex. 

gpg --verify bind-9.11.22.tar.gz.asc bind-9.11.22.tar.gz
gpg: Signature made 2020-08-12 01:47:02 +0530 +0530 using RSA key ID 5DACE918
gpg: Good signature from "Internet Systems Consortium, Inc. (Signing key, 2019-2020) <codesign@isc.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: AE3F AC79 6711 EC59 FC00  7AA4 74BB 6B9A 4CBB 3D38
     Subkey fingerprint: 95CE DA25 6B1C A0A1 5F30  2FB5 9521 A7ED 5DAC E918


Good Reference:

https://kb.isc.org/docs/aa-01225

No comments:

Post a Comment