Hello all,
Is anyone else aware that the GPG signatures seem to be faulty on the repo? Or am I not verifying them correctly?
gpg --verify jenkins-war-1.651.1.war.asc jenkins-war-1.651.1.war
gpg: Signature made Thu 14 Apr 2016 01:05:31 AM EDT using DSA key ID D50582E6
gpg: BAD signature from "Kohsuke Kawaguchi <
k...@kohsuke.org>"
The files seem ok according to the sha1 files as well.
cat jenkins-war-1.651.1.war.sha1
31fcae60edba2ecb6c380c59f374761723981283
sha1sum jenkins-war-1.651.1.war
31fcae60edba2ecb6c380c59f374761723981283 jenkins-war-1.651.1.war
cat jenkins-war-1.651.1.war.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEABECAAYFAlcPJRsACgkQm30y8tUFgubFegCeMp4oYrIZxbhKLMrzsFhEIxet
wfAAniNy42DycpcdSuuubZngegbJiCYp
=PVM5
-----END PGP SIGNATURE-----
cat jenkins-war-1.651.1.war.asc.sha1
5a3f4bf88da314079dfbc269f6ac0b359cc96938
sha1sum jenkins-war-1.651.1.war.asc
5a3f4bf88da314079dfbc269f6ac0b359cc96938 jenkins-war-1.651.1.war.asc
-Steven