GPG key verification
Verification procedure
Example is from Nextcloud.
- Download the archive.
- Check package integrity using MD5 or SHA256 (hash should be provided):
sha265sum latest.zip
- Verify the authenticity via PGP (.asc and PGP public key should be provided)
gpg --verify latest.zip.asc
You can also grab the keys by issueing this command:
gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 28806A878AE423A28372792ED75899B9A724937A
Issues
If keyserver returns errors, it could be temporarily unreachable.
Try with another server, like keyserver.ubuntu.com