weird error gpg

weird error gpg

[Jim McNamara]

Hi guys-

$ cd /cygdrive/c/Users/DeathDealer/Downloads

$ gpg --verify fedora.asc Fedora-KDE-Live-x86_64-36-1.5.iso
gpg: can't handle text lines longer than 19995 characters
gpg: Signature made Fri May  6 10:21:35 2022 EDT using RSA key ID 38AB71F4
gpg: BAD signature from "Fedora (36) <fedora-36-primary@fedoraproject.org>"

I am having a difficult time. I think they are breaking into my computer.
They made it so I can't verify files.

Is there any way I can fix it so that this error goes away?

thanks,
jim

Re: weird error gpg

[René Berber]

On 6/24/2022 10:55 AM, Jim McNamara via Cygwin wrote:

> $ gpg --verify fedora.asc Fedora-KDE-Live-x86_64-36-1.5.iso
> gpg: can't handle text lines longer than 19995 characters
> gpg: Signature made Fri May  6 10:21:35 2022 EDT using RSA key ID 38AB71F4
> gpg: BAD signature from "Fedora (36) <fedora-36-primary@fedoraproject.org>"
> 
> I am having a difficult time. I think they are breaking into my computer.
> They made it so I can't verify files.
> 
> Is there any way I can fix it so that this error goes away?

Start by checking gpg itself.


$ which gpg
/usr/bin/gpg

$ gpg --version
gpg (GnuPG) 1.4.23
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
         CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

$ sha256sum /usr/bin/gpg
a72cb1fd7a1dcf94c7c8de2a2e749bce22f16af59c2b2157b01f73518e0bece7 
*/usr/bin/gpg


Or...

$ which gpg2
/usr/bin/gpg2

$ gpg2 --version
gpg: WARNING: unsafe permissions on homedir '/home/reneb/.gnupg'
gpg (GnuPG) 2.2.35-unknown
libgcrypt 1.10.1-unknown
Copyright (C) 2022 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/reneb/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
         CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

$ sha256sum /usr/bin/gpg2
87f54df3c700c2bae6211cdb71540b8cc26b43bed60c8b2821e156e070c625f9 
*/usr/bin/gpg2

-- 
R.Berber

Re: weird error gpg

[René Berber]

On 6/24/2022 10:55 AM, Jim McNamara via Cygwin wrote:

> $ gpg --verify fedora.asc Fedora-KDE-Live-x86_64-36-1.5.iso
> gpg: can't handle text lines longer than 19995 characters
> gpg: Signature made Fri May  6 10:21:35 2022 EDT using RSA key ID 38AB71F4
> gpg: BAD signature from "Fedora (36) <fedora-36-primary@fedoraproject.org>"
> 
> I am having a difficult time. I think they are breaking into my computer.
> They made it so I can't verify files.
> 
> Is there any way I can fix it so that this error goes away?

Start by checking gpg itself.


$ which gpg
/usr/bin/gpg

$ gpg --version
gpg (GnuPG) 1.4.23
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
         CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

$ sha256sum /usr/bin/gpg
a72cb1fd7a1dcf94c7c8de2a2e749bce22f16af59c2b2157b01f73518e0bece7 
*/usr/bin/gpg


Or...

$ which gpg2
/usr/bin/gpg2

$ gpg2 --version
gpg: WARNING: unsafe permissions on homedir '/home/reneb/.gnupg'
gpg (GnuPG) 2.2.35-unknown
libgcrypt 1.10.1-unknown
Copyright (C) 2022 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/reneb/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
         CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

$ sha256sum /usr/bin/gpg2
87f54df3c700c2bae6211cdb71540b8cc26b43bed60c8b2821e156e070c625f9 
*/usr/bin/gpg2

-- 
R.Berber

Re: weird error gpg

[Jim McNamara]

Hi Rene-

Everything you mentioned checked out. I took the bottom of the sha256sum file where it was ascii armor and pasted it into notepad and saved it. 

I don't know why it isn't verifying. I named that file fedora.asc. Here is what the original file looks like. 

Please see below for the part that I copied and pasted into notepad.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Fedora-Cinnamon-Live-x86_64-36-1.5.iso: 2220474368 bytes
SHA256 (Fedora-Cinnamon-Live-x86_64-36-1.5.iso) = 03db083afb8e25dcf3f433c1c07064650010dfc99ebc930b58ee34d328758cf6
# Fedora-KDE-Live-x86_64-36-1.5.iso: 2214592512 bytes
SHA256 (Fedora-KDE-Live-x86_64-36-1.5.iso) = b1da6062ee2e90695557f93a3e13a594884d8ab08ac48a93118eca68bc9108a8
# Fedora-LXDE-Live-x86_64-36-1.5.iso: 1478590464 bytes
SHA256 (Fedora-LXDE-Live-x86_64-36-1.5.iso) = 57aa7b4df1138e755fdfebf8c60e49609f86f6f096baa578afabc1e91ef8576a
# Fedora-LXQt-Live-x86_64-36-1.5.iso: 1502576640 bytes
SHA256 (Fedora-LXQt-Live-x86_64-36-1.5.iso) = 8fc59e536571dd146f1f73272097e3355860fa54fff9ff0461c8243a58cadefb
# Fedora-MATE_Compiz-Live-x86_64-36-1.5.iso: 2195668992 bytes
SHA256 (Fedora-MATE_Compiz-Live-x86_64-36-1.5.iso) = ccf352edf7286e15968048abcc7b3f760067e74da27e904efab8302c40f8ada4
# Fedora-SoaS-Live-x86_64-36-1.5.iso: 1229389824 bytes
SHA256 (Fedora-SoaS-Live-x86_64-36-1.5.iso) = 09bbbdd5c92aff25db54ff0db683844d1cd9ed5dc0918b22a0f1ddb561b921d2
# Fedora-Xfce-Live-x86_64-36-1.5.iso: 1694498816 bytes
SHA256 (Fedora-Xfce-Live-x86_64-36-1.5.iso) = 8c175c901393788a4a46ffeeb29b7f1eebde66d8c3226bd83675c2e7212a891d
# Fedora-i3-Live-x86_64-36-1.5.iso: 1482964992 bytes
SHA256 (Fedora-i3-Live-x86_64-36-1.5.iso) = c66c9521a1d73ac5505e1b523974c9604a4cf3d9823ee1e83fdf82d99174886c
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEU97Sy5Iti42eY/0YmZ98vzircfQFAmJ1Lu8ACgkQmZ98vzir
cfRuDA/+IoCBqNW8kGoVXyrf6OfUjoaDrPF48EdIHLh0rBLaPCFu0dCNr5hjJijy
bINk5ogc4dRteC+qHNa6HWpRh4hDv+YfMxtrNlMXc0udW79uZWNrUR4zsWiX1aOS
mgyCSTIwcxUi59Brzh12iFjb6Gg4AeiUBOY8C5joLkrreT6Z6lQ2FcQySdj5SSmk
dyEyZZI5eJQQ3yBtfVeNY+JnvobvGpENS3V4IlDDfLgjmlbgNaUdCZIy0QNkAH/P
VhMPNrnQXMvcrH9uhLXxpseqpN+ZfhK64F47iHpXQGpfZyPdII3qjE/hW1vCL4UK
AV8TqFRYPK5wXu/HSqz0Mg9TCtf95oPVqgug0Czme7x8ObQ8i2x+uU9QoOjEr8oP
5U0DhrsUKzn7ogw6TfmBTDv3e+w0FBMqrHysWy9yU/SvsVKZRfz5l1fxYDI/Ifvn
K+oSCMG1wIhwVDBPO0rz/PdmeVnHNrLndrboJxYTApfJAZdVjoMwRivGtFtBjOPu
okSnkheDIwMnW3CvEwdxTrfZD2AL/nfm5I3qnJ6WSAwcF96TFWJj1/KDYrA1mE+b
hVbBkL7m+WCTN/DqegYefxDHEE09qvOLSDCSYOuZJpwVKxXame8C5/Zoe9AAJVDj
t8lbWKKPMauFFN/SXQ18JT0mECWWx84qmBvbezma2ecH2frMAuc=
=KcCN
-----END PGP SIGNATURE-----

This is what i copied and pasted into notepad and called fedora.asc (see below):

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEU97Sy5Iti42eY/0YmZ98vzircfQFAmJ1Lu8ACgkQmZ98vzir
cfRuDA/+IoCBqNW8kGoVXyrf6OfUjoaDrPF48EdIHLh0rBLaPCFu0dCNr5hjJijy
bINk5ogc4dRteC+qHNa6HWpRh4hDv+YfMxtrNlMXc0udW79uZWNrUR4zsWiX1aOS
mgyCSTIwcxUi59Brzh12iFjb6Gg4AeiUBOY8C5joLkrreT6Z6lQ2FcQySdj5SSmk
dyEyZZI5eJQQ3yBtfVeNY+JnvobvGpENS3V4IlDDfLgjmlbgNaUdCZIy0QNkAH/P
VhMPNrnQXMvcrH9uhLXxpseqpN+ZfhK64F47iHpXQGpfZyPdII3qjE/hW1vCL4UK
AV8TqFRYPK5wXu/HSqz0Mg9TCtf95oPVqgug0Czme7x8ObQ8i2x+uU9QoOjEr8oP
5U0DhrsUKzn7ogw6TfmBTDv3e+w0FBMqrHysWy9yU/SvsVKZRfz5l1fxYDI/Ifvn
K+oSCMG1wIhwVDBPO0rz/PdmeVnHNrLndrboJxYTApfJAZdVjoMwRivGtFtBjOPu
okSnkheDIwMnW3CvEwdxTrfZD2AL/nfm5I3qnJ6WSAwcF96TFWJj1/KDYrA1mE+b
hVbBkL7m+WCTN/DqegYefxDHEE09qvOLSDCSYOuZJpwVKxXame8C5/Zoe9AAJVDj
t8lbWKKPMauFFN/SXQ18JT0mECWWx84qmBvbezma2ecH2frMAuc=
=KcCN
-----END PGP SIGNATURE-----

thanks for helping,
jim





On Friday, June 24, 2022, 12:23:19 PM EDT, René Berber <rene.berber@gmail.com> wrote: 





On 6/24/2022 10:55 AM, Jim McNamara via Cygwin wrote:

> $ gpg --verify fedora.asc Fedora-KDE-Live-x86_64-36-1.5.iso
> gpg: can't handle text lines longer than 19995 characters
> gpg: Signature made Fri May  6 10:21:35 2022 EDT using RSA key ID 38AB71F4
> gpg: BAD signature from "Fedora (36) <fedora-36-primary@fedoraproject.org>"
> 
> I am having a difficult time. I think they are breaking into my computer.
> They made it so I can't verify files.
> 
> Is there any way I can fix it so that this error goes away?

Start by checking gpg itself.


$ which gpg
/usr/bin/gpg

$ gpg --version
gpg (GnuPG) 1.4.23
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

$ sha256sum /usr/bin/gpg
a72cb1fd7a1dcf94c7c8de2a2e749bce22f16af59c2b2157b01f73518e0bece7 
*/usr/bin/gpg


Or...

$ which gpg2
/usr/bin/gpg2

$ gpg2 --version
gpg: WARNING: unsafe permissions on homedir '/home/reneb/.gnupg'
gpg (GnuPG) 2.2.35-unknown
libgcrypt 1.10.1-unknown
Copyright (C) 2022 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /home/reneb/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

$ sha256sum /usr/bin/gpg2
87f54df3c700c2bae6211cdb71540b8cc26b43bed60c8b2821e156e070c625f9 
*/usr/bin/gpg2

-- 
R.Berber



-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:    https://cygwin.com/ml/#unsubscribe-simple

Re: weird error gpg

[René Berber]

Hi,

Two things come to mind:

1. Is the file fedora.asc being through an editor? Does it have \r\n 
terminators by accident? i.e. is DOS formated, not the original format.

2. You should be using the original file, I don't see the point of what 
you pasted into Notepad, and Notepad by default will mangle the file 
anyway (i.e. with the wrong line terminators).

BTW gpg expects the original file, w/o the sha256 sums it can't do its 
checking (of the .iso file).

Regards.


On 6/24/2022 11:41 AM, Jim McNamara via Cygwin wrote:
 > Hi Rene-
 >
 > Everything you mentioned checked out. I took the bottom of the 
sha256sum file where it was ascii armor and pasted it into notepad and 
saved it.
 >
 > I don't know why it isn't verifying. I named that file fedora.asc. 
Here is what the original file looks like.
 >
 > Please see below for the part that I copied and pasted into notepad.
 >
> # Fedora-Cinnamon-Live-x86_64-36-1.5.iso: 2220474368 bytes
> SHA256 (Fedora-Cinnamon-Live-x86_64-36-1.5.iso) = 03db083afb8e25dcf3f433c1c07064650010dfc99ebc930b58ee34d328758cf6
> # Fedora-KDE-Live-x86_64-36-1.5.iso: 2214592512 bytes
> SHA256 (Fedora-KDE-Live-x86_64-36-1.5.iso) = b1da6062ee2e90695557f93a3e13a594884d8ab08ac48a93118eca68bc9108a8
> # Fedora-LXDE-Live-x86_64-36-1.5.iso: 1478590464 bytes
> SHA256 (Fedora-LXDE-Live-x86_64-36-1.5.iso) = 57aa7b4df1138e755fdfebf8c60e49609f86f6f096baa578afabc1e91ef8576a
> # Fedora-LXQt-Live-x86_64-36-1.5.iso: 1502576640 bytes
> SHA256 (Fedora-LXQt-Live-x86_64-36-1.5.iso) = 8fc59e536571dd146f1f73272097e3355860fa54fff9ff0461c8243a58cadefb
> # Fedora-MATE_Compiz-Live-x86_64-36-1.5.iso: 2195668992 bytes
> SHA256 (Fedora-MATE_Compiz-Live-x86_64-36-1.5.iso) = ccf352edf7286e15968048abcc7b3f760067e74da27e904efab8302c40f8ada4
> # Fedora-SoaS-Live-x86_64-36-1.5.iso: 1229389824 bytes
> SHA256 (Fedora-SoaS-Live-x86_64-36-1.5.iso) = 09bbbdd5c92aff25db54ff0db683844d1cd9ed5dc0918b22a0f1ddb561b921d2
> # Fedora-Xfce-Live-x86_64-36-1.5.iso: 1694498816 bytes
> SHA256 (Fedora-Xfce-Live-x86_64-36-1.5.iso) = 8c175c901393788a4a46ffeeb29b7f1eebde66d8c3226bd83675c2e7212a891d
> # Fedora-i3-Live-x86_64-36-1.5.iso: 1482964992 bytes
> SHA256 (Fedora-i3-Live-x86_64-36-1.5.iso) = c66c9521a1d73ac5505e1b523974c9604a4cf3d9823ee1e83fdf82d99174886c
 >
 > This is what i copied and pasted into notepad and called fedora.asc 
(see below):
 >
 > -----BEGIN PGP SIGNATURE-----
 >
 > iQIzBAEBCAAdFiEEU97Sy5Iti42eY/0YmZ98vzircfQFAmJ1Lu8ACgkQmZ98vzir
 > cfRuDA/+IoCBqNW8kGoVXyrf6OfUjoaDrPF48EdIHLh0rBLaPCFu0dCNr5hjJijy
 > bINk5ogc4dRteC+qHNa6HWpRh4hDv+YfMxtrNlMXc0udW79uZWNrUR4zsWiX1aOS
 > mgyCSTIwcxUi59Brzh12iFjb6Gg4AeiUBOY8C5joLkrreT6Z6lQ2FcQySdj5SSmk
 > dyEyZZI5eJQQ3yBtfVeNY+JnvobvGpENS3V4IlDDfLgjmlbgNaUdCZIy0QNkAH/P
 > VhMPNrnQXMvcrH9uhLXxpseqpN+ZfhK64F47iHpXQGpfZyPdII3qjE/hW1vCL4UK
 > AV8TqFRYPK5wXu/HSqz0Mg9TCtf95oPVqgug0Czme7x8ObQ8i2x+uU9QoOjEr8oP
 > 5U0DhrsUKzn7ogw6TfmBTDv3e+w0FBMqrHysWy9yU/SvsVKZRfz5l1fxYDI/Ifvn
 > K+oSCMG1wIhwVDBPO0rz/PdmeVnHNrLndrboJxYTApfJAZdVjoMwRivGtFtBjOPu
 > okSnkheDIwMnW3CvEwdxTrfZD2AL/nfm5I3qnJ6WSAwcF96TFWJj1/KDYrA1mE+b
 > hVbBkL7m+WCTN/DqegYefxDHEE09qvOLSDCSYOuZJpwVKxXame8C5/Zoe9AAJVDj
 > t8lbWKKPMauFFN/SXQ18JT0mECWWx84qmBvbezma2ecH2frMAuc=
 > =KcCN
 > -----END PGP SIGNATURE-----
 >
 > thanks for helping,
 > jim
 >
 >
 >
 >
 >
 > On Friday, June 24, 2022, 12:23:19 PM EDT, René Berber 
<rene.berber@gmail.com> wrote:
 >
 >
 >
 >
 >
 > On 6/24/2022 10:55 AM, Jim McNamara via Cygwin wrote:
 >
 >> $ gpg --verify fedora.asc Fedora-KDE-Live-x86_64-36-1.5.iso
 >> gpg: can't handle text lines longer than 19995 characters
 >> gpg: Signature made Fri May  6 10:21:35 2022 EDT using RSA key ID 
38AB71F4
 >> gpg: BAD signature from "Fedora (36) 
<fedora-36-primary@fedoraproject.org>"
 >>
 >> I am having a difficult time. I think they are breaking into my 
computer.
 >> They made it so I can't verify files.
 >>
 >> Is there any way I can fix it so that this error goes away?
 >
 > Start by checking gpg itself.
 >
 >
 > $ which gpg
 > /usr/bin/gpg
 >
 > $ gpg --version
 > gpg (GnuPG) 1.4.23
 > Copyright (C) 2015 Free Software Foundation, Inc.
 > License GPLv3+: GNU GPL version 3 or later
 > <http://gnu.org/licenses/gpl.html>
 > This is free software: you are free to change and redistribute it.
 > There is NO WARRANTY, to the extent permitted by law.
 >
 > Home: ~/.gnupg
 > Supported algorithms:
 > Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
 > Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
 >          CAMELLIA128, CAMELLIA192, CAMELLIA256
 > Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
 > Compression: Uncompressed, ZIP, ZLIB, BZIP2
 >
 > $ sha256sum /usr/bin/gpg
 > a72cb1fd7a1dcf94c7c8de2a2e749bce22f16af59c2b2157b01f73518e0bece7
 > */usr/bin/gpg
 >
 >
 > Or...
 >
 > $ which gpg2
 > /usr/bin/gpg2
 >
 > $ gpg2 --version
 > gpg: WARNING: unsafe permissions on homedir '/home/reneb/.gnupg'
 > gpg (GnuPG) 2.2.35-unknown
 > libgcrypt 1.10.1-unknown
 > Copyright (C) 2022 g10 Code GmbH
 > License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
 > This is free software: you are free to change and redistribute it.
 > There is NO WARRANTY, to the extent permitted by law.
 >
 > Home: /home/reneb/.gnupg
 > Supported algorithms:
 > Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
 > Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
 >          CAMELLIA128, CAMELLIA192, CAMELLIA256
 > Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
 > Compression: Uncompressed, ZIP, ZLIB, BZIP2
 >
 > $ sha256sum /usr/bin/gpg2
 > 87f54df3c700c2bae6211cdb71540b8cc26b43bed60c8b2821e156e070c625f9
 > */usr/bin/gpg2
 >

Re: weird error gpg

[René Berber]

Hi,

Two things come to mind:

1. Is the file fedora.asc being through an editor? Does it have \r\n 
terminators by accident? i.e. is DOS formated, not the original format.

2. You should be using the original file, I don't see the point of what 
you pasted into Notepad, and Notepad by default will mangle the file 
anyway (i.e. with the wrong line terminators).

BTW gpg expects the original file, w/o the sha256 sums it can't do its 
checking (of the .iso file).

Regards.


On 6/24/2022 11:41 AM, Jim McNamara via Cygwin wrote:
 > Hi Rene-
 >
 > Everything you mentioned checked out. I took the bottom of the 
sha256sum file where it was ascii armor and pasted it into notepad and 
saved it.
 >
 > I don't know why it isn't verifying. I named that file fedora.asc. 
Here is what the original file looks like.
 >
 > Please see below for the part that I copied and pasted into notepad.
 >
> # Fedora-Cinnamon-Live-x86_64-36-1.5.iso: 2220474368 bytes
> SHA256 (Fedora-Cinnamon-Live-x86_64-36-1.5.iso) = 03db083afb8e25dcf3f433c1c07064650010dfc99ebc930b58ee34d328758cf6
> # Fedora-KDE-Live-x86_64-36-1.5.iso: 2214592512 bytes
> SHA256 (Fedora-KDE-Live-x86_64-36-1.5.iso) = b1da6062ee2e90695557f93a3e13a594884d8ab08ac48a93118eca68bc9108a8
> # Fedora-LXDE-Live-x86_64-36-1.5.iso: 1478590464 bytes
> SHA256 (Fedora-LXDE-Live-x86_64-36-1.5.iso) = 57aa7b4df1138e755fdfebf8c60e49609f86f6f096baa578afabc1e91ef8576a
> # Fedora-LXQt-Live-x86_64-36-1.5.iso: 1502576640 bytes
> SHA256 (Fedora-LXQt-Live-x86_64-36-1.5.iso) = 8fc59e536571dd146f1f73272097e3355860fa54fff9ff0461c8243a58cadefb
> # Fedora-MATE_Compiz-Live-x86_64-36-1.5.iso: 2195668992 bytes
> SHA256 (Fedora-MATE_Compiz-Live-x86_64-36-1.5.iso) = ccf352edf7286e15968048abcc7b3f760067e74da27e904efab8302c40f8ada4
> # Fedora-SoaS-Live-x86_64-36-1.5.iso: 1229389824 bytes
> SHA256 (Fedora-SoaS-Live-x86_64-36-1.5.iso) = 09bbbdd5c92aff25db54ff0db683844d1cd9ed5dc0918b22a0f1ddb561b921d2
> # Fedora-Xfce-Live-x86_64-36-1.5.iso: 1694498816 bytes
> SHA256 (Fedora-Xfce-Live-x86_64-36-1.5.iso) = 8c175c901393788a4a46ffeeb29b7f1eebde66d8c3226bd83675c2e7212a891d
> # Fedora-i3-Live-x86_64-36-1.5.iso: 1482964992 bytes
> SHA256 (Fedora-i3-Live-x86_64-36-1.5.iso) = c66c9521a1d73ac5505e1b523974c9604a4cf3d9823ee1e83fdf82d99174886c
 >
 > This is what i copied and pasted into notepad and called fedora.asc 
(see below):
 >
 > -----BEGIN PGP SIGNATURE-----
 >
 > iQIzBAEBCAAdFiEEU97Sy5Iti42eY/0YmZ98vzircfQFAmJ1Lu8ACgkQmZ98vzir
 > cfRuDA/+IoCBqNW8kGoVXyrf6OfUjoaDrPF48EdIHLh0rBLaPCFu0dCNr5hjJijy
 > bINk5ogc4dRteC+qHNa6HWpRh4hDv+YfMxtrNlMXc0udW79uZWNrUR4zsWiX1aOS
 > mgyCSTIwcxUi59Brzh12iFjb6Gg4AeiUBOY8C5joLkrreT6Z6lQ2FcQySdj5SSmk
 > dyEyZZI5eJQQ3yBtfVeNY+JnvobvGpENS3V4IlDDfLgjmlbgNaUdCZIy0QNkAH/P
 > VhMPNrnQXMvcrH9uhLXxpseqpN+ZfhK64F47iHpXQGpfZyPdII3qjE/hW1vCL4UK
 > AV8TqFRYPK5wXu/HSqz0Mg9TCtf95oPVqgug0Czme7x8ObQ8i2x+uU9QoOjEr8oP
 > 5U0DhrsUKzn7ogw6TfmBTDv3e+w0FBMqrHysWy9yU/SvsVKZRfz5l1fxYDI/Ifvn
 > K+oSCMG1wIhwVDBPO0rz/PdmeVnHNrLndrboJxYTApfJAZdVjoMwRivGtFtBjOPu
 > okSnkheDIwMnW3CvEwdxTrfZD2AL/nfm5I3qnJ6WSAwcF96TFWJj1/KDYrA1mE+b
 > hVbBkL7m+WCTN/DqegYefxDHEE09qvOLSDCSYOuZJpwVKxXame8C5/Zoe9AAJVDj
 > t8lbWKKPMauFFN/SXQ18JT0mECWWx84qmBvbezma2ecH2frMAuc=
 > =KcCN
 > -----END PGP SIGNATURE-----
 >
 > thanks for helping,
 > jim
 >
 >
 >
 >
 >
 > On Friday, June 24, 2022, 12:23:19 PM EDT, René Berber 
<rene.berber@gmail.com> wrote:
 >
 >
 >
 >
 >
 > On 6/24/2022 10:55 AM, Jim McNamara via Cygwin wrote:
 >
 >> $ gpg --verify fedora.asc Fedora-KDE-Live-x86_64-36-1.5.iso
 >> gpg: can't handle text lines longer than 19995 characters
 >> gpg: Signature made Fri May  6 10:21:35 2022 EDT using RSA key ID 
38AB71F4
 >> gpg: BAD signature from "Fedora (36) 
<fedora-36-primary@fedoraproject.org>"
 >>
 >> I am having a difficult time. I think they are breaking into my 
computer.
 >> They made it so I can't verify files.
 >>
 >> Is there any way I can fix it so that this error goes away?
 >
 > Start by checking gpg itself.
 >
 >
 > $ which gpg
 > /usr/bin/gpg
 >
 > $ gpg --version
 > gpg (GnuPG) 1.4.23
 > Copyright (C) 2015 Free Software Foundation, Inc.
 > License GPLv3+: GNU GPL version 3 or later
 > <http://gnu.org/licenses/gpl.html>
 > This is free software: you are free to change and redistribute it.
 > There is NO WARRANTY, to the extent permitted by law.
 >
 > Home: ~/.gnupg
 > Supported algorithms:
 > Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
 > Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
 >          CAMELLIA128, CAMELLIA192, CAMELLIA256
 > Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
 > Compression: Uncompressed, ZIP, ZLIB, BZIP2
 >
 > $ sha256sum /usr/bin/gpg
 > a72cb1fd7a1dcf94c7c8de2a2e749bce22f16af59c2b2157b01f73518e0bece7
 > */usr/bin/gpg
 >
 >
 > Or...
 >
 > $ which gpg2
 > /usr/bin/gpg2
 >
 > $ gpg2 --version
 > gpg: WARNING: unsafe permissions on homedir '/home/reneb/.gnupg'
 > gpg (GnuPG) 2.2.35-unknown
 > libgcrypt 1.10.1-unknown
 > Copyright (C) 2022 g10 Code GmbH
 > License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
 > This is free software: you are free to change and redistribute it.
 > There is NO WARRANTY, to the extent permitted by law.
 >
 > Home: /home/reneb/.gnupg
 > Supported algorithms:
 > Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
 > Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
 >          CAMELLIA128, CAMELLIA192, CAMELLIA256
 > Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
 > Compression: Uncompressed, ZIP, ZLIB, BZIP2
 >
 > $ sha256sum /usr/bin/gpg2
 > 87f54df3c700c2bae6211cdb71540b8cc26b43bed60c8b2821e156e070c625f9
 > */usr/bin/gpg2
 >

Re: weird error gpg

[Andrey Repin]

Greetings, Jim McNamara!

> I took the bottom of the sha256sum
> file where it was ascii armor and pasted it into notepad and saved it. 

Thus destroyed the very possiblity of checking your setup.
Do not touch the signature file. Save it literal.

> I don't know why it isn't verifying.

You did that.

> I named that file fedora.asc. Here is what the original file looks like. 

Original. The key word.


> This is what i copied and pasted into notepad and called fedora.asc (see below):

> -----BEGIN PGP SIGNATURE-----

It is a signature of the file itself. It is useless without the entire file.
Wondering who told you to do that.


-- 
With best regards,
Andrey Repin
Friday, June 24, 2022 22:25:03

Sorry for my terrible english...