How to verify Armory

[Dragono]

Hi, I have struggled with this for days now, at it seems like it just won't work.
I have reached step 3 in installation tutorial to verify Armory installers on Mac, and the "apt-get" command didn't work. I then Googled it and found out that the "apt-get" command apparently didn't work and I should install Homebrew, which I did, but when I typed "brew install dpkg-sig" I got an error, so google said I should just use "install dpkg-sig" and I got the output as shown on the attached file.
So last step, verifying Armory, and I get the error that the dpkg-sig command is not found. I don't know what to do and hoped that you had time to help me out The attached file is a picture of my code.

https://www.dropbox.com/s/yywuym5bf4507cw/Screen%20Shot%202014-11-02%20at%2001.00.10.png?dl=0

[ForgottenPassword]

Try this:

Download this file:
https://s3.amazonaws.com/bitcoinarmory-releases/armory_0.92.3_sha256sum.txt.asc
(it is the signed hash file from here: https://bitcoinarmory.com/download/ )

And also download Armory for MacOSX from that page too.

and run the following:

Code:

gpg --verify armory_0.92.3_sha256sum.txt.asc

If you get the message GOOD signature, then run

Code:

sha256sum armory_0.92.3_osx.tar.gz

And you should see something like this:

Code:

25aac165bcdfc326ca36e630e9676dd1b116b246209e7bc9b646001977deb947 armory_0.92.3_osx.tar.gz

Then open the file armory_0.92.3_sha256sum.txt.asc in a text editor and check that the line above is in it and matches exactly.

[Dragono]

It sounds so easy, and I believe it is, for some...

When I click on the signed hash file, it opens in a new window in my browser and I see no option to download the file, so I copied the content and and made the file myself by naming it "armory_0.92.3_sha256sum.txt.asc". And then I ran the code you gave me and it said it was a good signature. But when I run this command:

Code:

sha256sum armory_0.92.3_osx.tar.gz

it says

Code:

-bash: sha256sum: command not found

Man, where do you guys learn this stuff?? 

[doug_armory]

I don't think sha256sum is included in OSX. OpenSSL, however, is included. The following command should work.

Code:

openssl sha256 armory_0.92.3_osx.tar.gz

The result should match the SHA256 code for the OSX file in the ASC file.

[picobit]

Code:

sha256sum armory_0.92.3_osx.tar.gz

it says

Code:

-bash: sha256sum: command not found

On my mac, the command is

Code:

shasum -a 256 armory_0.92.3_osx.tar.gz

Man, where do you guys learn this stuff??  

We do like you do: Ask questions on the internet.  Continue for 20 year, and you end up answering some of them instead


Edit: Messed up formatting.

[ForgottenPassword]

It sounds so easy, and I believe it is, for some...

When I click on the signed hash file, it opens in a new window in my browser and I see no option to download the file, so I copied the content and and made the file myself by naming it "armory_0.92.3_sha256sum.txt.asc".

File > Save Page As in your browser (at least in Firefox). But what you did works fine too.

And then I ran the code you gave me and it said it was a good signature. But when I run this command:

Code:

sha256sum armory_0.92.3_osx.tar.gz

it says

Code:

-bash: sha256sum: command not found

My mistake, I forgot that sha256sum is only on Linux and not on OSX out-of-the-box. Try picobit or doug_armory's solutions.

They should probably have OSX-specific instructions for verifying the installer on the download page along with the Linux one.

[Dragono]

Thank you all for your quick replies 

This one worked for me:

Code:

shasum -a 256 armory_0.92.3_osx.tar.gz

and this

Code:

openssl sha256 armory_0.92.3_osx.tar.gz

just gave me an error

Code:

openssl:Error: 'sha256' is an invalid command

Man, I can't wait for the 20 years to past.

[doug_armory]

Thank you all for your quick replies 

This one worked for me:

Code:

shasum -a 256 armory_0.92.3_osx.tar.gz

and this

Code:

openssl sha256 armory_0.92.3_osx.tar.gz

just gave me an error

Code:

openssl:Error: 'sha256' is an invalid command

Sorry that my command didn't work. It does work for me. I did notice that I'm running a newer version, so perhaps the command changed somewhere along the way.

Man, I can't wait for the 20 years to past.

To be fair, I've also spent a lot of time both researching this stuff in my spare time and studying it in college and grad school. I can totally understand how the layperson would look at commands that produce what look like gobbledygook and say, "How the hell does this prove anything?" It does. It's just not immediately apparent, even to people who have a little crypto background.