Can someone help me understand how to verify a PGP signature?

I’m on Ubuntu 24.04 LTS

Ok I’m trying to verify this Whonix OVA, so this is where I downloaded the Whonix OVA https://www.whonix.org/wiki/VirtualBox so like I said I’ve already downloaded the Whonix OVA but now I’d like to verify it.

Ok so I took a screenshot of it

Can someone please just walk me through this?

And I did Google “how to verify pgp on ubuntu” and honestly there aren’t too many tutorials that pop up, well I checked out this tutorial here https://www.linuxbabe.com/security/verify-pgp-signature-software-downloads-linux and I started reading it and she says “On the VeraCrypt download page, you can also find the PGP public key and PGP signature download link. Click the links to download these two files.” So wait a second, so I need to download both the PGP public key and PGP signature?

I’m confused, can someone help me understand PGP keys and what to do?

So yeah I’ve already downloaded the Whonix OVA and now I’d like to verify it before I install it but I’ve never done PGP keys before so I need to learn how to do it. Thank you.

Yeah and the tutorials on PGP keys on Ubuntu on the internet are lacking, there aren’t that many of them. Like really only a few pop up on Google. And I know the verification of the Whonix OVA is optional but I’d still like to finally learn how to do PGP keys cause I’ve never done it before. Yeah I’ve known about PGP keys for years and so I’d like to learn how to do them.

Edit: Make sure you check out her tutorial, at one point she says there is a published fingerprint on the VeraCrypt website that you have to compare to, but I can’t find a fingerprint on the Whonix website. I’m confused.

Edit: So look at this screenshot please

you see she says “Compare it with the fingerprint published on VeraCrypt website.”

Yeah I can’t find a published fingerprint anywhere on the Whonix website. I need an expert to explain this to me?

I can’t find the fingerprint on the Whonix website.

Yeah I’m totally stumped, I don’t know how to do this.

Maybe I just didn’t read it but did you follow the link Verify_the_image at the bottom of your first screenshot? And from there you may follow Linux (Section OpenPGP Signature / Virtualbox).


How come in this tutorial https://www.linuxbabe.com/security/verify-pgp-signature-software-downloads-linux she says “Compare it with the fingerprint published on VeraCrypt website.” Please take the time and check out the tutorial, you’ll see what I’m talking about. Or just look at the screenshot I took above.

How come there is a published fingerprint on the VeraCrypt website that you must compare to but not on the Whonix website? I’m just trying to wrap my head around this.

How to verify the signature of a Whonix image from the Whonix website seems like a great question for Whonix support.

As we don’t provide Whonix support on Ubuntu Discourse, closing.
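
The fingerprint comparison the quoted tutorial describes can be scripted instead of done by eye; the following is an added example, not part of the original thread or of any project's documentation. The fingerprint, the status lines and the function names are constructed placeholders, and the pinned fingerprint has to come from the publisher through a channel other than the download itself.

```shell
#!/bin/sh
# Added example: accept a detached signature only if it was made by the key
# whose fingerprint you pinned. Fingerprint and status lines are constructed.

# Strip spaces and upper-case, so a fingerprint copied from a web page in
# groups of four compares equal to gpg's 40-character form.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' \n' | tr 'a-f' 'A-F'
}

# Read `gpg --status-fd` lines on stdin. Succeed only if a VALIDSIG line
# carries the expected fingerprint and no failure status appears.
status_matches_fpr() {
    expected=$(normalize_fpr "$1")
    verdict=1
    while read -r tag keyword fpr rest; do
        [ "$tag" = "[GNUPG:]" ] || continue
        case "$keyword" in
            BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG) return 1 ;;
            VALIDSIG)
                primary=${rest##* }   # last field: primary key fingerprint
                if [ "$fpr" = "$expected" ] || [ "$primary" = "$expected" ]; then
                    verdict=0
                fi ;;
        esac
    done
    return "$verdict"
}

# verify_pinned KEYFILE SIGFILE DATAFILE EXPECTED_FPR
# Imports the key into a throwaway keyring so no other key can vouch.
verify_pinned() {
    home=$(mktemp -d) || return 1
    gpg --homedir "$home" --batch --quiet --import "$1" 2>/dev/null &&
        gpg --homedir "$home" --batch --status-fd 1 --verify "$2" "$3" 2>/dev/null |
        status_matches_fpr "$4"
    rc=$?
    rm -rf "$home"
    return "$rc"
}

# Constructed status output, shaped like a successful `gpg --verify`.
sample_status() {
    cat <<'EOF'
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF01234567 Example Signer <signer@example.org>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2024-01-01 1704067200 0 4 0 1 10 00 0123456789ABCDEF0123456789ABCDEF01234567
[GNUPG:] TRUST_UNDEFINED 0 pgp
EOF
}
```

A "Good signature" message alone only says that some imported key signed the file; the check above fails unless that key is the pinned one.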