Cannot verify PGP signature for veracrypt executable

Question

I just downloaded a fresh copy of veracrypt from the official website, however I'm having some trouble verifying its signature.

Here's what I did:

gpg import veracrypt.asc (from here)
-gpg --verify "VeraCrypt Setup 1.24-Update7.exe.sig" "VeraCrypt Setup 1.24-Update7.exe"

PGP for some reason is unable to verify the signature, what gives?

score 0 · Answer 1 · answered Dec 01 '21 at 10:55

If you'd provide GPG output it would be easier to answer. However, most likely the reason is in redundant parameter, your command line should be like:

gpg --verify "VeraCrypt Setup 1.24-Update7.exe.sig", given that both .sig and .exe files are put in the same directory.

This is called 'detached signature': .exe.sig file contains signature itself, and GnuPG would look for the signed contents in a file without .sig extension.

Cannot verify PGP signature for veracrypt executable

1 Answers1