Bitcoin Forum
September 01, 2024, 06:10:56 AM *
News: Latest Bitcoin Core release: 27.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Security of Linux pip2 install electrum: Is it safe?  (Read 362 times)
arberg (OP)
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
July 22, 2017, 07:05:58 PM
 #1

Will pip2 install verify the checksum of the downloaded file with a satisfying degree of security. One thing I could hope for is verifying the asc signature and that it is signed by trusted root certificate.

When installing like: sudo -H pip2 install https://download.electrum.org/2.8.3/Electrum-2.8.3.tar.gz

I found some info on how to verify the asc signature, like below, but is this necessary or already done by pip2 or the python setup script?

gpg --keyserver pool.sks-keyservers.net --recv-keys 7F9470E6
gpg --fingerprint
gpg --verify Electrum-2.8.3.tar.gz.asc

Best Alex

PS: Signature verification thread: https://bitcointalk.org/index.php?topic=1046484.0
Abdussamad
Legendary
*
Offline Offline

Activity: 3654
Merit: 1571



View Profile
July 23, 2017, 02:28:49 AM
 #2

you have to verify it yourself. i wrote a script that downloads, verifies the tarball and does the install for you:

https://github.com/BitcoinsPakistan/electrum-install
arberg (OP)
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
July 28, 2017, 10:30:28 PM
 #3

Thank you, I appreciate the info and the script
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!