警告信息“此密钥未经可信签名认证!” 何时验证 apache:
wget https://downloads.apache.org/accumulo/1.10.2/accumulo-1.10.2-bin.tar.gz
wget https://downloads.apache.org/accumulo/1.10.2/accumulo-1.10.2-bin.tar.gz.asc
wget https://downloads.apache.org/accumulo/KEYS
gpg --import KEYS
gpg --verify accumulo-1.10.2-bin.tar.gz.asc accumulo-1.10.2-bin.tar.gz
出现错误信息:
gpg: Signature made Tue 08 Feb 2022 11:04:00 PM HKT
gpg: using RSA key 8CC4F8A2B29C2B040F2B835D6F0CDAE700B6899D
gpg: Good signature from "Christopher L Tubbs II (Christopher) <[email protected]>" [unknown]
gpg: aka "Christopher L Tubbs II (Developer) <[email protected]>" [unknown]
gpg: aka "Christopher L Tubbs II (Developer) <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 8CC4 F8A2 B29C 2B04 0F2B 835D 6F0C DAE7 00B6 899D
我想完全相信它:
gpg --edit-key 8CC4F8A2B29C2B040F2B835D6F0CDAE700B6899D
gpg (GnuPG) 2.2.27; Copyright (C) 2021 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
pub rsa4096/6F0CDAE700B6899D
created: 2012-10-13 expires: 2024-01-12 usage: SC
trust: full validity: unknown
sub rsa4096/2FFC0085C23D3DA9
created: 2012-10-13 expires: 2024-01-12 usage: E
sub rsa4096/4417A0C14245D003
created: 2013-04-28 expires: 2024-01-12 usage: A
[ unknown] (1). Christopher L Tubbs II (Christopher) <[email protected]>
[ unknown] (2) Christopher L Tubbs II (Developer) <[email protected]>
[ unknown] (3) Christopher L Tubbs II (Developer) <[email protected]>
gpg> trust
pub rsa4096/6F0CDAE700B6899D
created: 2012-10-13 expires: 2024-01-12 usage: SC
trust: full validity: unknown
sub rsa4096/2FFC0085C23D3DA9
created: 2012-10-13 expires: 2024-01-12 usage: E
sub rsa4096/4417A0C14245D003
created: 2013-04-28 expires: 2024-01-12 usage: A
[ unknown] (1). Christopher L Tubbs II (Christopher) <[email protected]>
[ unknown] (2) Christopher L Tubbs II (Developer) <[email protected]>
[ unknown] (3) Christopher L Tubbs II (Developer) <[email protected]>
Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)
1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu
Your decision? 4
pub rsa4096/6F0CDAE700B6899D
created: 2012-10-13 expires: 2024-01-12 usage: SC
trust: full validity: unknown
sub rsa4096/2FFC0085C23D3DA9
created: 2012-10-13 expires: 2024-01-12 usage: E
sub rsa4096/4417A0C14245D003
created: 2013-04-28 expires: 2024-01-12 usage: A
[ unknown] (1). Christopher L Tubbs II (Christopher) <[email protected]>
[ unknown] (2) Christopher L Tubbs II (Developer) <[email protected]>
[ unknown] (3) Christopher L Tubbs II (Developer) <[email protected]>
gpg> quit
然后再次验证:
gpg --verify accumulo-1.10.2-bin.tar.gz.asc accumulo-1.10.2-bin.tar.gz
gpg: Signature made Tue 08 Feb 2022 11:04:00 PM HKT
gpg: using RSA key 8CC4F8A2B29C2B040F2B835D6F0CDAE700B6899D
gpg: Good signature from "Christopher L Tubbs II (Christopher) <[email protected]>" [unknown]
gpg: aka "Christopher L Tubbs II (Developer) <[email protected]>" [unknown]
gpg: aka "Christopher L Tubbs II (Developer) <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 8CC4 F8A2 B29C 2B04 0F2B 835D 6F0C DAE7 00B6 899D
如何在验证 apache 时抑制警告信息?