Information in Signed Hashes

pankleks · April 28, 2021, 9:01am

hi there

I found the info in the

signed hashes

as follows:

"also never trust this file in case the signature is valid but not coming
from our official key, that you can retrieve from here:
https://deb.parrot.sh/misc/archive.gpg"

I get everytime an error when trying to download from
https://deb.parrot.sh/misc/archive.gpg

Can somebody please tell me where to download the official key.
Please tell me the fingerprint

thank you in advance

tissy · April 28, 2021, 9:24am

https://deb.parrot.sh/parrot/misc/archive.gpg
Somehow that link is wrong.
Try this.

pankleks · April 28, 2021, 3:24pm

Top Support
Grazie mille

pankleks · April 29, 2021, 1:01am

not OK

the above posted key contains the fingerprints:
3B3E AB80 7D70 721B A9C0 3E55 C7B3 9D03 6297 2489
813E EFE8 0280 C579 E2A1 F5E6 B56F FA94 6EB1 660A
from Parrot project [email protected]

my downloaded iso and hashes contains the fingerprint:
0A91 2CDE 87F9 9722 36AF 8B50 363A 96A5 CEA9 EA27
from Parrot Project (2020-2022) [email protected]

we are talking about security… so I am “frankly” serious…
wtf?

can I please get a second opinion
thank you in advance

tissy · April 30, 2021, 9:19am

this means that your file has been downloaded badly. try to download it again.

system · August 28, 2021, 9:19am

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.