You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
You're now ready to verify the manifest file. You will need to have the `relays-x.x.x-manifest.sha512sum` and the `relays-x.x.x-manifest.sha512sum.asc` files in the same directory as the binaries you downloaded where the `x.x.x` is replaced by whatever version of `relays` you're verifying.
69
69
70
70
To verify the manifest file run the following command:
71
71
72
-
```sh
72
+
```bash
73
73
gpg --verify relays-x.x.x-manifest.sha512sum.asc
74
74
```
75
75
76
76
Here's the command to run for the latest version of `relays`:
77
77
78
-
```sh
79
-
gpg --verify relays-0.3.0-manifest.sha512sum.asc
78
+
```bash
79
+
gpg --verify relays-0.4.0-manifest.sha512sum.asc
80
80
```
81
81
82
82
You should see output similar to the following if the verification was successful:
83
83
84
-
```sh
85
-
gpg: assuming signed data in'relays-0.3.0-manifest.sha512sum'
86
-
gpg: Signature made Thu 03 Oct 2024 01:29:21 PM UTC
84
+
```bash
85
+
gpg: assuming signed data in'relays-0.4.0-manifest.sha512sum'
86
+
gpg: Signature made Sat 05 Oct 2024 08:43:11 AM UTC
87
87
gpg: using RSA key 252F57B9DCD920EBF14E6151A8841CC4D10CC288
88
88
gpg: Good signature from "NODE-TEC Devs <[email protected]>" [unknown]
> Unless you tell GnuPG to trust the key, you'll see a warning similar to the following:
95
95
96
-
```sh
96
+
```bash
97
97
gpg: WARNING: This key is not certified with a trusted signature!
98
98
gpg: There is no indication that the signature belongs to the owner.
99
99
```
@@ -106,24 +106,25 @@ You have now verified the signature of the manifest file which ensures the integ
106
106
107
107
To verify the binaries you'll need to recompute the SHA512 hashes of the files, compare them with the corresponding hashes in the manifest file, and ensure they match exactly which you can do by running the following command:
108
108
109
-
```sh
109
+
```bash
110
110
sha512sum --check relays-x.x.x-manifest.sha512sum
111
111
```
112
112
113
113
Here's the command to run for the latest version of `relays`:
114
114
115
-
```sh
116
-
sha512sum --check relays-0.3.0-manifest.sha512sum
115
+
```bash
116
+
sha512sum --check relays-0.4.0-manifest.sha512sum
117
117
```
118
118
119
119
If the verification was successful you should see the output similar to the following:
120
120
121
-
```sh
121
+
```bash
122
122
khatru-pyramid-0.1.0-x86_64-linux-gnu.tar.gz: OK
123
+
nostr-rs-relay-0.9.0-x86_64-linux-gnu.tar.gz: OK
123
124
strfry-1.0.1-x86_64-linux-gnu.tar.gz: OK
125
+
wot-relay-0.1.12-x86_64-linux-gnu.tar.gz: OK
124
126
relay29-0.4.0-khatru29-x86_64-linux-gnu.tar.gz: OK
125
127
relay29-0.4.0-strfry29-x86_64-linux-gnu.tar.gz: OK
126
-
wot-relay-0.1.12-x86_64-linux-gnu.tar.gz: OK
127
128
```
128
129
129
130
By completing the above steps you will have successfully verified the integrity of the binaries.
0 commit comments