Nel sito web bitcoin.org si dice:
verify your download using signatures
Ho trovato alcune istruzioni vaghe su come fare questo, ma mi chiedevo se qualcuno ha scritto istruzioni passo-passo chiare e concise?
Sto usando Linux / Ubuntu.
Questo è quello che ho provato fino ad ora:
oshirowanen@computer:~/Downloads/bitcoin 0.13.0$ ls -l
total 23124
-rw-rw-r-- 1 oshirowanen oshirowanen 23652105 Aug 31 08:57 bitcoin-0.13.0-x86_64-linux-gnu.tar.gz
-rw-rw-r-- 1 oshirowanen oshirowanen 2100 Aug 31 09:41 laanwj-releases.asc
oshirowanen@computer:~/Downloads/bitcoin 0.13.0$ gpg --with-fingerprint laanwj-releases.asc
pub 4096R/36C2E964 2015-06-24 Wladimir J. van der Laan (Bitcoin Core binary release signing key) <[email protected]>
Key fingerprint = 01EA 5486 DE18 A882 D4C2 6845 90C8 019E 36C2 E964
oshirowanen@computer:~/Downloads/bitcoin 0.13.0$ gpg --import laanwj-releases.asc
gpg: /home/oshirowanen/.gnupg/trustdb.gpg: trustdb created
gpg: key 36C2E964: public key "Wladimir J. van der Laan (Bitcoin Core binary release signing key) <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
gpg: no ultimately trusted keys found
oshirowanen@computer:~/Downloads/bitcoin 0.13.0$ gpg --verify laanwj-releases.asc
gpg: verify signatures failed: unexpected data
oshirowanen@computer:~/Downloads/bitcoin 0.13.0$
UPDATE 1:
Ho appena provato:
oshirowanen@computer:~/Downloads/bitcoin 0.13.0$ gpg --verify laanwj-releases.asc bitcoin-0.13.0-x86_64-linux-gnu.tar.gz
gpg: verify signatures failed: unexpected data
UPDATE 2:
oshirowanen@computer:~/Downloads/bitcoin 0.13.0$ gpg laanwj-releases.asc bitcoin-0.13.0-x86_64-linux-gnu.tar.gz
usage: gpg [options] [filename]
UPDATE 3:
oshirowanen@computer:~/Downloads/bitcoin 0.13.0$ ls -l
total 23124
-rw-rw-r-- 1 oshirowanen oshirowanen 23652105 Aug 31 08:57 bitcoin-0.13.0-x86_64-linux-gnu.tar.gz
-rw-rw-r-- 1 oshirowanen oshirowanen 2100 Aug 31 09:41 laanwj-releases.asc
-rw-rw-r-- 1 oshirowanen oshirowanen 1957 Aug 31 08:50 SHA256SUMS.asc
oshirowanen@computer:~/Downloads/bitcoin 0.13.0$ gpg --import laanwj-releases.asc
gpg: key 36C2E964: "Wladimir J. van der Laan (Bitcoin Core binary release signing key) <[email protected]>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
oshirowanen@computer:~/Downloads/bitcoin 0.13.0$ gpg --verify SHA256SUMS.asc
gpg: Signature made Tue 23 Aug 2016 15:23:26 BST using RSA key ID 36C2E964
gpg: Good signature from "Wladimir J. van der Laan (Bitcoin Core binary release signing key) <[email protected]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 01EA 5486 DE18 A882 D4C2 6845 90C8 019E 36C2 E964
oshirowanen@computer:~/Downloads/bitcoin 0.13.0$ sha256sum bitcoin-0.13.0-x86_64-linux-gnu.tar.gz
bcc1e42d61f88621301bbb00512376287f9df4568255f8b98bc10547dced96c8 bitcoin-0.13.0-x86_64-linux-gnu.tar.gz
oshirowanen@computer:~/Downloads/bitcoin 0.13.0$ grep bitcoin-0.13.0-x86_64-linux-gnu.tar.gz SHA256SUMS.asc
bcc1e42d61f88621301bbb00512376287f9df4568255f8b98bc10547dced96c8 bitcoin-0.13.0-x86_64-linux-gnu.tar.gz
oshirowanen @ computer: ~ / Downloads / bitcoin 0.13.0 $
Significa che tutto va bene? L'AVVISO è preoccupante.