first i want say, that iam a new member of this google-group and i want greet all. :)
Iam a newbie of Qubes(Linux) and i use Windows 10 at time.
Today I downloaded the current ISO image from the main page. Since I'm not so good with Linux in general, I turn to you.
I downloaded the Qubes master signing key and try to verify it.
Since I use Windows 10, I have also downloaded the program GPGEX. I open the program Cleopatra and click on the field "import". The tool gives me the hint that the certificate must first be authenticated and I have to create my own PGP certificate to verify others. After the mentioned configuration I get a key. Is this the Qubes key?
How can I tell that this is the right key?
For example, when I click the Decrypt / Verify tab in Kleopatra, I get the error message that the key contains certificates and can not be decrypted.
When I enter the commands from the Qubes page into the Windows command prompt, I get the error message no such file...
What am I doing wrong?
I hope my question is not ridiculous and someone can help me.
Previously, I never dealt with PGP and the like.
I would be very happy about many answers.
Thanks in advance
thanks alot for your help and feedbacks.Its cool t know that someone can help me :)
@ Chris Laprise
I download the qubes master signing key
qubes release 4 signing key
and the signature (Qubes-R4.0-x86_64.iso)
I following your tutorial and opened the windows command promp.
I type the commands gpg2 --import qubes-master-signing-key.asc. After this i become the error message "No such file or directory". I memory all files into the download folder. Its important for me to work with the Dos, because i want learn it on the hard way :D
On the Qubes main site i try too, to write the commands on the main site into the windows command promp.But both not work well.Mh, what iam doing wrong?
@ Neelix
Before i use the checksum tool for Windows, but i forget the name of the tool. Thanks to post it. Thumbs up.I will try it again.
About your messages i would be happy again.
regards
when i open the master signing key with the tool checksum utility and want verify it, i become the message "Hash does not match".
regards
The tool for windows you might be thinking of is certutil, from cmd prompt:
certUtil -hashfile pathtofile.iso SHA256
i following the tutorial which Chris wrote.
It works, but by the last step "verify the Iso" i become this message.
http://www.bilder-upload.eu/show.php?file=fe395a-1523890343.png
The Screenshot from the command promp i uploaded to a hoster.
Is this Iso not correct?
About a message i would be happy.
regards and thx in advance
thread can be closed. It works perfectly.
@Chris Laprise
Your Thread was very helpful. Thumbs up.
Thanks to all.
regards