|
Title: How to verify your Electrum [Windows, Linux, Mac] Post by: bitdaric on February 04, 2019, 10:32:01 AM How to verify Electrum (for Windows, Linux and Mac) Windows: 1. Download and install gpg4win from here: https://www.gpg4win.org/get-gpg4win.html 2. After installation open Kleopatra and click on Lookup on Server. 3. Type 2BD5824B7F9470E6 (ThomasV sign (https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6)) in Find field and click on Search. 4. Select 'ThomasV' from list or click on Select All and then click on Import https://i.imgur.com/xIWbXb4.jpg 5. If you want to see a green verification message in last step, follow step 5.1 otherwise click on No and go to step 6. 5.1. To see green verification message, click Yes in dialog that ask you to confirm certification process: https://i.imgur.com/zcAtoDv.jpg at this point if you haven`t PGP sign, you will be asked to create one. do it by typing your name and email and follow wizard steps and set your key pair password and then click on Finish: https://i.imgur.com/0Kpnfkd.jpg Select all IDs from Certification Dialog and check `I have verified the fingerprint` and click Next and then click Certify, you will be asked to type password you set and then click on Finish: https://i.imgur.com/YApc9qA.jpg 6. Now download setup file and signature file from official website: https://electrum.org/#download https://i.imgur.com/996mA6O.jpg 7. click on signature file and you will see verification. if you get green message your version is correct. if you get red message you are in danger! (if you ignored step 5.1 you will get a white message instead green and it is OK too). https://i.imgur.com/mS2qyzI.jpg donation: 1JTBZEprk8pdSUtkQyFLVUy45g6x8cKoyJ Title: Re: How to verify your Electrum Post by: bitdaric on February 11, 2019, 04:56:07 PM Linux:
1. open a terminal and enter: Code: sudo apt-get install gnupg 2. then type: Code: gpg --keyserver pgp.mit.edu --recv-keys 7F9470E6 you will see these messages: Quote gpg: requesting key 7F9470E6 from hkp server pgp.mit.edu gpg: key 7F9470E6: "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>" 10 new signatures gpg: no ultimately trusted keys found gpg: Total number processed: 1 gpg: new signatures: 10 3. download Electrum and sign file (.asc file) from https://electrum.org for example: Code: wget https://download.electrum.org/3.3.6/Electrum-3.3.6.tar.gz 4. now verify files: Code: gpg --verify Electrum-3.3.6.tar.gz.asc Electrum-3.3.6.tar.gz you will see these messages: Quote gpg: Signature made Fri Jan 25 19:51:07 2019 UTC using RSA key ID 7F9470E6 gpg: Good signature from "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>" gpg: aka "ThomasV <thomasv1@gmx.de>" gpg: aka "Thomas Voegtlin <thomasv1@gmx.de>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6 as you see in second line it tell us `Good signature`. then that is correct version. if you see these messages: Quote gpg: Signature made Fri Dec 21 22:08:41 2018 UTC using RSA key ID 7F9470E6 gpg: BAD signature from "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>" that tell you `BAD signature`. then you are in danger or downloaded incorrect .asc file (for example for different version). donation: 1JTBZEprk8pdSUtkQyFLVUy45g6x8cKoyJ Title: Re: How to verify your Electrum [Windows, Linux, Mac] Post by: bitdaric on February 11, 2019, 06:23:44 PM Mac:
1. install homebrew from http://brew.sh/ 2. using homebrew install gnupg: Code: brew install gnupg 3. then type: Code: gpg --recv-keys 2BD5824B7F9470E6 you will see these messages: Quote gpg: requesting key 7F9470E6 from hkp server pgp.mit.edu gpg: key 7F9470E6: "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>" 10 new signatures gpg: no ultimately trusted keys found gpg: Total number processed: 1 gpg: new signatures: 10 4. download Electrum and sign file (.asc file) from https://electrum.org for example: Code: wget https://download.electrum.org/3.3.6/Electrum-3.3.6.tar.gz 5. now verify files: Code: gpg --verify Electrum-3.3.6.tar.gz.asc Electrum-3.3.6.tar.gz you will see these messages: Quote gpg: Signature made Fri Jan 25 19:51:07 2019 UTC using RSA key ID 7F9470E6 gpg: Good signature from "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>" gpg: aka "ThomasV <thomasv1@gmx.de>" gpg: aka "Thomas Voegtlin <thomasv1@gmx.de>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6 as you see in second line it tell us `Good signature`. then that is correct version. if you see these messages: Quote gpg: Signature made Fri Dec 21 22:08:41 2018 UTC using RSA key ID 7F9470E6 gpg: BAD signature from "Thomas Voegtlin (https://electrum.org) <thomasv@electrum.org>" that tell you `BAD signature`. then you are in danger or downloaded incorrect .asc file (for example for different version). donation: 1JTBZEprk8pdSUtkQyFLVUy45g6x8cKoyJ Title: Re: How to verify your Electrum [Windows, Linux, Mac] Post by: elda34b on February 12, 2019, 02:06:03 AM You can also use GPA in Linux. Just an alternative version (more UI friendly than GPG) of GPG in Linux. I use both though.
Title: Re: How to verify your Electrum [Windows, Linux, Mac] Post by: zetzetzet on February 13, 2019, 09:39:32 PM Don't work search in Kleopatra
Smb know why? Title: Re: How to verify your Electrum [Windows, Linux, Mac] Post by: pooya87 on February 14, 2019, 04:30:35 AM Don't work search in Kleopatra Smb know why? You probably entered incorrect string, use Tor (sometimes it doesn't work when using Tor in my case) or something wrong happen wit the server (AFAIK they search on https://pgp.mit.edu (https://pgp.mit.edu) where i got error 502/503) i have encountered the same problem without Tor where the pgp.mit.edu server itself is offline and unreachable which is why you also get an error in PGP applications trying to fetch the public key. changing the key server fixes that problem. Code: gpg --keyserver pool.sks-keyservers.net --recv-keys 7F9470E6 or for Kleopatra i think this article can help: https://www.gpg4win.org/doc/en/gpg4win-compendium_22.html Title: Re: How to verify your Electrum [Windows, Linux, Mac] Post by: zetzetzet on February 14, 2019, 04:49:14 PM yeah, smth with pgp.mit.edu
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6 Title: Re: How to verify your Electrum [Windows, Linux, Mac] Post by: Rayser on February 17, 2019, 08:20:54 PM 3. then type: Code: gpg --recv-keys 2BD5824B7F9470E6 Better if you use: Code: gpg --recv-keys 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6 I have a tutorial waiting on Github. https://github.com/spesmilo/electrum-docs/pull/84/files |
