Commit c914cbbf authored by sajolida's avatar sajolida
Browse files

Rewrite instructions for the command line

  - Use numbered list for steps.
  - Split each command in a different step.
  - Add note about checking the date.
  - Point to WoT to get rid of warning.
parent 578f1182
......@@ -61,49 +61,28 @@ the ISO image</a>.</p>
### Using Linux with the command line
Then, start the cryptographic verification, it can take several
minutes:
1. Open a terminal and navigate to the folder where you saved the ISO
image and the signature.
<p class="pre">
cd [the ISO image directory]<br />
[[!inline pages="inc/stable_i386_gpg_verify" raw="yes"]]
</p>
1. Execute:
If the ISO image is correct the output will tell you
that the signature is good:
<p class="pre">[[!inline pages="inc/stable_i386_gpg_verify" raw="yes"]]</p>
<pre>
gpg: Signature made Sun 08 Feb 2015 08:17:03 PM UTC
gpg: using RSA key 0x98FEC6BC752A3DB6
gpg: Good signature from "Tails developers (offline long-term identity key) &lt;tails@boum.org&gt;" [unknown]
Primary key fingerprint: A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F
Subkey fingerprint: BA2C 222F 44AC 00ED 9899 3893 98FE C6BC 752A 3DB6
</pre>
The output of this command should be the following:
or:
<p class="pre">[[!inline pages="inc/stable_i386_gpg_signature_output" raw="yes"]]</p>
<pre>
gpg: Signature made Sun 08 Feb 2015 08:17:03 PM UTC
gpg: using RSA key 0x3C83DCB52F699C56
gpg: Good signature from "Tails developers (offline long-term identity key) &lt;tails@boum.org&gt;" [unknown]
Primary key fingerprint: A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F
Subkey fingerprint: A509 1F72 C746 BA6B 163D 1C18 3C83 DCB5 2F69 9C56
</pre>
Verify the date of the signature to make sure that you downloaded the latest version.
If you see the following warning:
If the output also includes:
<pre>
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F
</pre>
<pre>
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.</pre>
Then the ISO image is still correct, and valid according to the Tails signing
key that you downloaded. This warning is related to the trust that you put in
the Tails signing key. See, [[Trusting Tails signing
key|doc/get/trusting_tails_signing_key]]. To remove this warning you would have
to personally <span class="definition">[[!wikipedia Keysigning
desc="sign"]]</span> the Tails signing key with your own key.
Then the ISO image is still correct according to the signing key that you
downloaded. To remove this warning you need to <a href="#wot">authenticate
the signing key through the OpenPGP Web of Trust</a>.
### In Windows
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment