Hi every when i try to import keys i keep getting this message
gpgv: can't open 'Downloads\\tor-browser-windows-x86_64-portable-13.0.1.exe.asc': No such file or directory
gpgv: verify signatures failed: No such file or directory
PS C:\Users\jon\Downloads>
this is after following instructions and copy and pasting the commands of the website. I get the same results on everything i try to download .can anyone tell me what i am doing wrong please and thankyou.
$ gpg --keyserver hkps://keyserver.ubuntu.com --recv-key 44C6513A8E4FB3D30875F758ED444FF07D8D0B
gpg: key ED444FF07D8D0BF6: "Kali Linux Repository <devel@kali.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
$ gpg --verify SHA256SUMS.gpg SHA256SUMS
gpg: can't open signed data 'SHA256SUMS'
gpg: can't hash datafile: No such file or directory
It seems like the key import was successful, but the verification of the signatures failed because of the wrong path (No such file or directory). You need to pass the correct path of the signature file to gpg.
That’s frustrating when the verification fails even though you have the file and the signature right there. One thing that often catches people off guard is the “Trust” level of the public key. If GPG says the signature is “Good” but warns that the key is not certified with a trusted signature, it usually just means you haven’t locally signed the key to mark it as trusted.
If it’s failing completely, double-check that the file name hasn’t been changed. Sometimes GPG expects the signed file to have the exact original name to match what’s in the metadata. Also, make sure you’ve imported the public key into your keyring first; if you’re running the command and it says “public key not found,” you’ll need to grab their key from a keyserver or their site before the verification will work.