Public GPG key not matching the .deb file signature | Community
Skip to main content
C
Newcomer
Cleberz
Newcomer
May 8, 2023
Question

Public GPG key not matching the .deb file signature

  • May 8, 2023
  • 0 replies
  • 0 views

Hello,
I'm trying to install the latest Zoom 5.14.7 (2928) from your Download Center webpage on my Ubuntu 20.04 but this build appears to be using a different public key than the one linked in that page:

https://us06web.zoom.us/client/latest/zoom_amd64.deb
https://us06web.zoom.us/linux/download/pubkey

 

$ gpg --import package-signing-key.pub gpg: keybox '/home/czarate3/.gnupg/pubring.kbx' created gpg: /home/czarate3/.gnupg/trustdb.gpg: trustdb created gpg: key B903BF1861A7C71D: public key "Zoom Video Communcations, Inc. Linux Package Signing Key ***********" imported gpg: Total number processed: 1 gpg: imported: 1$ gpg --show-keys package-signing-key.pub pub rsa2048 2015-06-07 [SC] 396060CADD8A75220BFCB369B903BF1861A7C71D uid Zoom Video Communcations, Inc. Linux Package Signing Key *********** sub rsa2048 2015-06-07 [E]$ gpg --verify zoom_amd64.deb gpg: Signature made Fri 05 May 2023 12:41:04 AM CDT gpg: using RSA key 59C86188E22ABB19BD5540477B04A1B8DD79B481 gpg: Can't check signature: No public key$ dpkg-sig -verify zoom_amd64.deb Processing zoom_amd64.deb... UNKNOWNSIG _gpgbuilder DD79B481

 

 Please let me know whether this is just someone missing a new public key or whether that file has been tampered with. Thanks,

      Terms & ConditionsAccessibility statement
      Copyright © Zoom Communications, Inc. All rights reserved.