Bitcoin Core setup error verifying the pgp signature

[eiger3970]

Hello, I'm trying to setup a Bitcoin Core full node, however the pgp signature verification is brining up the error:

Code:

Mac:Downloads macUser$ gpg --verify SHA256SUMS.asc
gpg: WARNING: multiple signatures detected.  Only the first will be checked.
gpg: no signed data
gpg: can't hash datafile: No data

[bigmanik]

Well I believe this error message occurs when GPG is unable to verify the signature because it is expecting an actual file(SHA256SUMS) to be present alongside the signature file (SHA256SUMS.asc)

So if I'm correct what you should do is
You should download both SHA256SUMS and SHA256SUMS.asc from the Bitcoin core website
Place both files in the same directory.
And  Run: `gpg --verify SHA256SUMS.asc SHA256SUMS`

If this doesn't work you should specify the signature file explicitly
And the manually check the hash

[DireWolfM14]

bigmanik is correct, GnuPG is unable to find the data to which the signature file pertains.  Bitcoin core has a two-step verification process; first you need to download three files; the binary (.zip) for your version of MacOS, the SHA256 binary hashes, and SHA256 binary signature.  The binary hashes file will not have a file extension, but it can be opened and read by any text editor.  The signature file (it looks like you've already downloaded that) will have the .asc file extension.  Download all the files to the same directory, then open a terminal window in that directory.


The first step; use GPG to verify the hash file matches the data signed by the signatures in the signature file.

Code:

gpg --verify SHA256SUMS.asc

The second step; use the MacOS built in sha tool to very the hash of the .zip file.

Code:

shasum -a 256 --ignore-missing --check SHA256SUMS

More detailed instructions can be found here: https://bitcoincore.org/en/download/

[eiger3970]

Thanks, but it's unclear to which is a hash file, a signature and whatever else.

Here's the latest output:

Code:

Mac:Downloads macUser$ ls
Bitcoin-Qt.app				bitcoin-27.0-x86_64-apple-darwin.zip
SHA256SUMS.asc
Mac:Downloads macUser$ gpg --verify SHA256SUMS.asc 
gpg: WARNING: multiple signatures detected.  Only the first will be checked.
gpg: no signed data
gpg: can't hash datafile: No data
Mac:Downloads macUser$ shasum -a 256 --ignore-missing --check SHA256SUMS.asc 
Unknown option: ignore-missing
Type shasum -h for help

[achow101]

You need to also download the file SHA256SUMS. That is the file which actually contains the hashes for the shasum command later.

SHA256SUMS.asc contains the signatures over the SHA256SUMS file, both need to be present, in addition the the GPG keys you wish to verify with, for gpg to do any verification.

[Forsyth Jones]

I usually download the three files: bitcoin-28.0-x86_64-linux-gnu.tar.gz, SHA256SUMS and SHA256SUMS.asc and place them in the same folders for easier verification.

I do this by following the verification instructions on the download page: https://bitcoincore.org/en/download/, below there is a section: Verify your download and then you can open MacOS verification instructions to see the instructions for your OS.

Did you import the keys of all the devs who signed the binary? I ask this because I didn't see if you downloaded the gpg keys from the core devs in your answers. Below is the command for this:

Code:

gpg --import fanquake.gpg

As DireWolfM14 specified, follow the instructions on the download page, below the executables there is a help section for verifying signatures.

[eiger3970]

Mac:Downloads macUser$ sha256sum bitcoin-27.0-x86_64-applie-darwin.zip
-bash: sha256sum: command not found.

[nc50lc]

Mac:Downloads macUser$ sha256sum bitcoin-27.0-x86_64-applie-darwin.zip
-bash: sha256sum: command not found.

Go to https://bitcoincore.org/en/download/.
Scroll-down a few lines, then expand (click) "MacOS verification instructions".

Screenshot (more lines below step5):


In step8, as the recommendation stated, you can skip that and just import and certify only those who you trust.

[eiger3970]

Thank you, I overlooked the mention of clicking back to the Download page for the verification links.
Ran the steps, however working out the following errors now:

Code:

Mac:Downloads macUser$ ls
Bitcoin-Qt.app				SHA256SUMS.asc
SHA256SUMS				bitcoin-27.0-x86_64-apple-darwin.zip
Mac:Downloads macUser$ shasum -a 256 --ignore-missing --check SHA256SUMS
Unknown option: ignore-missing
Type shasum -h for help
Mac-mini:Downloads macminiosx10$ shasum -a 256 --check SHA256SUMS
shasum: bitcoin-28.0-aarch64-linux-gnu-debug.tar.gz: 
bitcoin-28.0-aarch64-linux-gnu-debug.tar.gz: FAILED open or read
shasum: bitcoin-28.0-aarch64-linux-gnu.tar.gz: No such file or directory
bitcoin-28.0-aarch64-linux-gnu.tar.gz: FAILED open or read
shasum: bitcoin-28.0-arm-linux-gnueabihf-debug.tar.gz: No such file or directory
bitcoin-28.0-arm-linux-gnueabihf-debug.tar.gz: FAILED open or read
shasum: bitcoin-28.0-arm-linux-gnueabihf.tar.gz: No such file or directory
bitcoin-28.0-arm-linux-gnueabihf.tar.gz: FAILED open or read
shasum: bitcoin-28.0-arm64-apple-darwin.zip: No such file or directory
bitcoin-28.0-arm64-apple-darwin.zip: FAILED open or read
shasum: bitcoin-28.0-arm64-apple-darwin-unsigned.tar.gz: No such file or directory
bitcoin-28.0-arm64-apple-darwin-unsigned.tar.gz: FAILED open or read
shasum: bitcoin-28.0-arm64-apple-darwin-unsigned.zip: No such file or directory
bitcoin-28.0-arm64-apple-darwin-unsigned.zip: FAILED open or read
shasum: bitcoin-28.0-arm64-apple-darwin.tar.gz: No such file or directory
bitcoin-28.0-arm64-apple-darwin.tar.gz: FAILED open or read
shasum: bitcoin-28.0-codesignatures-28.0.tar.gz: No such file or directory
bitcoin-28.0-codesignatures-28.0.tar.gz: FAILED open or read
shasum: bitcoin-28.0.tar.gz: No such file or directory
bitcoin-28.0.tar.gz: FAILED open or read
shasum: bitcoin-28.0-powerpc64-linux-gnu-debug.tar.gz: No such file or directory
bitcoin-28.0-powerpc64-linux-gnu-debug.tar.gz: FAILED open or read
shasum: bitcoin-28.0-powerpc64-linux-gnu.tar.gz: No such file or directory
bitcoin-28.0-powerpc64-linux-gnu.tar.gz: FAILED open or read
shasum: bitcoin-28.0-riscv64-linux-gnu-debug.tar.gz: No such file or directory
bitcoin-28.0-riscv64-linux-gnu-debug.tar.gz: FAILED open or read
shasum: bitcoin-28.0-riscv64-linux-gnu.tar.gz: No such file or directory
bitcoin-28.0-riscv64-linux-gnu.tar.gz: FAILED open or read
shasum: bitcoin-28.0-x86_64-apple-darwin.zip: No such file or directory
bitcoin-28.0-x86_64-apple-darwin.zip: FAILED open or read
shasum: bitcoin-28.0-x86_64-apple-darwin-unsigned.tar.gz: No such file or directory
bitcoin-28.0-x86_64-apple-darwin-unsigned.tar.gz: FAILED open or read
shasum: bitcoin-28.0-x86_64-apple-darwin-unsigned.zip: No such file or directory
bitcoin-28.0-x86_64-apple-darwin-unsigned.zip: FAILED open or read
shasum: bitcoin-28.0-x86_64-apple-darwin.tar.gz: No such file or directory
bitcoin-28.0-x86_64-apple-darwin.tar.gz: FAILED open or read
shasum: bitcoin-28.0-x86_64-linux-gnu-debug.tar.gz: No such file or directory
bitcoin-28.0-x86_64-linux-gnu-debug.tar.gz: FAILED open or read
shasum: bitcoin-28.0-x86_64-linux-gnu.tar.gz: No such file or directory
bitcoin-28.0-x86_64-linux-gnu.tar.gz: FAILED open or read
shasum: bitcoin-28.0-win64-setup.exe: No such file or directory
bitcoin-28.0-win64-setup.exe: FAILED open or read
shasum: bitcoin-28.0-win64-debug.zip: No such file or directory
bitcoin-28.0-win64-debug.zip: FAILED open or read
shasum: bitcoin-28.0-win64-setup-unsigned.exe: No such file or directory
bitcoin-28.0-win64-setup-unsigned.exe: FAILED open or read
shasum: bitcoin-28.0-win64-unsigned.tar.gz: No such file or directory
bitcoin-28.0-win64-unsigned.tar.gz: FAILED open or read
shasum: bitcoin-28.0-win64.zip: No such file or directory
bitcoin-28.0-win64.zip: FAILED open or read
shasum: WARNING: 25 listed files could not be read

[nc50lc]

Thank you, I overlooked the mention of clicking back to the Download page for the verification links.
Ran the steps, however working out the following errors now:

Code:

Mac:Downloads macUser$ ls
Bitcoin-Qt.app				SHA256SUMS.asc
SHA256SUMS				bitcoin-27.0-x86_64-apple-darwin.zip
-snip-
shasum: bitcoin-28.0-x86_64-apple-darwin.zip: No such file or directory
bitcoin-28.0-x86_64-apple-darwin.zip: FAILED open or read

Since you've downloaded the older version Bitcoin Core v27.0, you should also download the "SHA256SUMS" and "SHA256SUMS.asc" file for that specific version.
You can find it in their previous releases link: https://bitcoincore.org/bin/bitcoin-core-27.0/

It wont fix the "Unknown option: ignore-missing" error though since it looks like an issue with your OS and shasum.
At least, ignore the obviously missing file results since you haven't downloaded those.

[eiger3970]

Thanks. I just downloaded the defaults from the downloads page. Seems like an update is  needed, so things work without the messing around. I'm unsure what to do and have run out of time.