I am following instructions here and I am only seeing terminal output for one missing key:
$ gpg --keyid-format long --verify ubuntu-20.04.3-desktop-amd64.SHA256SUMS.gpg ubuntu-20.04.3-desktop-amd64.SHA256SUMS
gpg: Signature made to 26. august 2021 09.52.49 UTC
gpg: using RSA key 843938DF228D22F7B3742BC0D94AA3F0EFE21092
gpg: Can't check signature: No public keyHowever in the instructions, as well as in this question Fetching Ubuntu's OpenPGP keys for verification fails with "not a key ID: skipping"
there are two:
gpg: Signature made Thu Apr 5 22:19:36 2018 EDT using DSA key ID 46181433FBB75451
gpg: Can't check signature: No public key
gpg: Signature made Thu Apr 5 22:19:36 2018 EDT using RSA key ID D94AA3F0EFE21092
gpg: Can't check signature: No public keyCan someone tell me why there are two, and why I am only seeing one?
Side note:
gpg's --keyid-format flag doesn't seem to do anything (I am just getting the fingerprint rather then ID in the output as if this flag is not there).
1 Answer
The error message indicates that you do not currently have the Ubuntu CD signing public keys in your GPG Keyring. The instructions on the page you linked-to include steps for importing the key in such situations:
gpg --keyid-format long --keyserver hkp://keyserver.ubuntu.com --recv-keys 0x46181433FBB75451 0xD94AA3F0EFE21092This will download the key and add it into your GPG Keyring ready for use. From there you will be able to re-run the first command again, and it should succeed:
gpg --keyid-format long --verify SHA256SUMS.gpg SHA256SUMS
