2647s (OP)
Newbie
Offline
Activity: 8
Merit: 5
|
Installed electrum 4.1.5-2 thru my package manager (official repositories) on linux which placed the file to: /usr/bin/electrum
Manually downloaded the linux sig file from electrum.org and placed in the same directory as electrum and ran the following command: "gpg --verify /usr/bin/electrum-4.1.5-x86_64.AppImage.asc"
And the following *errors come up: gpg: no signed data gpg: can't hash datafile: No data
Does someone in the community know what the issue is here?
|
|
|
|
vv181
Legendary
Offline
Activity: 1932
Merit: 1273
|
That's not how GPG verifying works.
The signature(electrum-4.1.5-x86_64.AppImage.asc) you have downloaded is respectively tied to the file that is being represented which is electrum-4.1.5-x86_64.AppImage. While the Electrum you have downloaded is the binary from your distro repository, it can't be checked using the signatures on the Electrum site. Well, it could using command $ gpg --verify /usr/bin/electrum-4.1.5-x86_64.AppImage.asc /usr/bin/electrum, but I believe it will result in a bad signature.
If you want to verify it, you should download/use the .appimage Linux binary and its own signatures, and proceed to verify that.
|
|
|
|
|
2647s (OP)
Newbie
Offline
Activity: 8
Merit: 5
|
|
March 11, 2022, 09:50:34 PM |
|
If you want to verify it, you should download/use the .appimage Linux binary and its own signatures, and proceed to verify that.
The binary i downloaded from the repo...do you know where or how to get the appropriate sig file, or where its path would be if it installed together with the download? If you could spellout the process on how to verify the linux binary electrum it would be very helpful, thanks
|
|
|
|
Chikito
Legendary
Offline
Activity: 2534
Merit: 2076
|
|
March 11, 2022, 10:26:26 PM |
|
If you want to verify it, you should download/use the .appimage Linux binary and its own signatures, and proceed to verify that.
The binary i downloaded from the repo...do you know where or how to get the appropriate sig file, or where its path would be if it installed together with the download? If you could spellout the process on how to verify the linux binary electrum it would be very helpful, thanks where do you get 4.1.5-2? usually, people get all files https://electrum.org/#download
|
|
|
|
BitMaxz
Legendary
Offline
Activity: 3416
Merit: 3159
Is the $100k BTC possible?
|
|
March 11, 2022, 11:03:18 PM |
|
It seems the source where he downloaded the Electrum is not from the official website I found 4.1.5-2 in Github user Archlinux Here's are the sources Package page - https://archlinux.org/packages/?q=electrum Package sources -https://github.com/archlinux/svntogit-community/tree/packages/electrum/trunk Package recipe - https://github.com/archlinux/svntogit-community/blob/packages/electrum/trunk/PKGBUILD Package recipe (raw) - https://raw.githubusercontent.com/archlinux/svntogit-community/packages/electrum/trunk/PKGBUILD
@2647s It's not recommended to download Electrum from other sources you should only download Electrum on their official website electrum.org
|
BTC Road to $80k...
|
|
|
khaled0111
Legendary
Offline
Activity: 2688
Merit: 3024
Top Crypto Casino
|
|
March 11, 2022, 11:46:40 PM Last edit: March 12, 2022, 12:16:11 AM by khaled0111 |
|
^^ Linux packages has their own naming conventions. For example in this case: 4.1.5-2 stands for Version 4.1.5, Release 2...
OP, make sure the Electrum file you downloaded from the repo has the same name as the signature file (.asc) and both are in the same directrory then try again to verify it. Not sure if it's going to work with packages, though.
Repo packages aren't updated that frequently, so better download Electrum from the official website (electrum.org) to be sure you are downloading the latest version.
|
|
|
|
2647s (OP)
Newbie
Offline
Activity: 8
Merit: 5
|
|
March 12, 2022, 12:34:15 AM |
|
It seems the source where he downloaded the Electrum is not from the official website I found 4.1.5-2 in Github user Archlinux [/quote]
Thats correct, i got it from my package manager but not sure where the sig file went... so maybe its best to wipe it and start all over. I'll get it from the official site this time since the sig file is right there as well; i'll give that a shot and see if verifying w/gpg works out, thanks
|
|
|
|
nc50lc
Legendary
Offline
Activity: 2576
Merit: 6250
Self-proclaimed Genius
|
|
March 12, 2022, 02:01:49 AM |
|
The binary i downloaded from the repo...do you know where or how to get the appropriate sig file, or where its path would be if it installed together with the download? If you could spellout the process on how to verify the linux binary electrum it would be very helpful, thanks
There are no compiled binaries in the official repository, only the source code. Which " official repository" was it downloaded from? Home: github.com/spesmilo/electrumReleases: github.com/spesmilo/electrum/tags
|
|
|
|
vv181
Legendary
Offline
Activity: 1932
Merit: 1273
|
|
March 12, 2022, 06:46:50 AM |
|
If you want to verify it, you should download/use the .appimage Linux binary and its own signatures, and proceed to verify that.
The binary i downloaded from the repo...do you know where or how to get the appropriate sig file, or where its path would be if it installed together with the download? If you could spellout the process on how to verify the linux binary electrum it would be very helpful, thanks You are running Manjaro and installing Electrum using Pacman/Pamac right? Ideally, all the signature verifying processes have been done by Pacman itself. If you installing that way, the things you need to verify is the Electrum package maintainer/signer from the official repository of your distro. In that case, you have to trust and verify the packager maintainer and signer not to tamper with the direct Electrum source code. See more and how here: pacman/Package signingIf you are going that way, I think that is not the best way to use Electrum. Instead, I suggest you should use and verify the wallet directly from the official website of Electrum. That way, you are able to use/verify the app directly from Electrum developers. You can refer to @BitMaxz post about that.
|
|
|
|
2647s (OP)
Newbie
Offline
Activity: 8
Merit: 5
|
|
March 12, 2022, 02:00:42 PM |
|
There are no compiled binaries in the official repository, only the source code. Which "official repository" was it downloaded from?
[/quote]
I'm not sure which repository it was, just that is was not from the AUR.
[/quote] If you are going that way, I think that is not the best way to use Electrum. Instead, I suggest you should use and verify the wallet directly from the official website of Electrum. That way, you are able to use/verify the app directly from Electrum developers. You can refer to @BitMaxz post about that. [/quote]
This is super helpful info; i'll be redoing the whole thing straight from the website then verify, and yes you're correct: Manjaro >Electrum from Pamac.
|
|
|
|
Abdussamad
Legendary
Offline
Activity: 3682
Merit: 1580
|
|
March 13, 2022, 02:34:05 PM |
|
You are trusting your linux repo for the rest of the OS so there's no harm in trusting it for electrum as well. The package manager does the verification so you don't have to do it.
|
|
|
|
|