Objective
This article describes how to verify the digital signature of the CrashPlan app installer for Red Hat Enterprise Linux (RHEL).
Administrators should perform this task before installation to ensure the package is an official CrashPlan distribution and has not been tampered with or corrupted.
Prerequisites
-
CrashPlan app installer: The
.rpmfile downloaded from the CrashPlan console. - GnuPG (gpg): Installed on the Linux device.
Privileged Terminal Access: Ability to run
rpmcommands withsudoprivileges.
Procedure
-
Copy the public key block below and save it to a file named
crashplan.pub.-----BEGIN PGP PUBLIC KEY BLOCK----- mQGNBGl7qFIBDADmOFe2yRmyumIi4Vc9f/BDvoh4Qj12sk4gJRtv07kfev7j4fcM zgXhpBhGwRwOjylwcU4ItJZRfezbluaMgjwFDuFqBtImSZZ3dhxg1VHzfrqE532X +6pJET8e2q5M9omrSmIwP4sNi3HR6xtUn/mANQspe5c/bdc4ksbyxBYwdJAAJjuL jtXf10sCePJFATSACHkkdBuk6tWeN548GrLdfInYGlkcsMpT9Bdnd1FxSpVV1yut byNUsv9qmT8GoZ9l7MOdJwQMxKeN7T7EL/kdSve+F0V3yffOsYJU5q6BBJDlH+wL CJ56DtyFxcSLFhrQ6DZAO0dzXg1NOiCv7jE5D7JT+B28H2PQwM+9W+Z9MtW3EGUb EPZqKXdM1Vuw8s8rv/WfSC9iOAAyFEpM5ymcH1R4n95LctyZF2aOeJzCkwnuZbDy U8Nk6Q3fW823LevLpsQRdl1Q26u9HWpjgquzkVSnPdl2PydERcJGZ6RlVUeIZFdj TD+PyiT8TbCfz50AEQEAAbQsQ3Jhc2hQbGFuIEdyb3VwIExMQyA8c2VjdXJpdHlA Y3Jhc2hwbGFuLmNvbT6JAdgEEwEIAEIWIQSGqR4Bm3tSoLUR2kX1j4t1E6KyJwUC aXuoUgIbAwUJBaOagAULCQgHAgMiAgEGFQoJCAsCBBYCAwECHgcCF4AACgkQ9Y+L dROisicqDgv9GwXfDx4e7QKY0LBs7/F/DxleWE/xkm0Aoa9jvOGyLU08IvC6mSmx C61Bxt2QJ/Vl/TcswexkjRvcL7Ge8Zwq8INdiNYAvknc9ST1hwfaPQaB1jVgse9u pnmLjNuSIM71RbEfgqwJQNhtpWsefDZCIwQmGI78ZzVaoB8tF2gR44n5dxO6ubqf zlyk+pBKoC1d5n0OXJN+/3uDYE5/H7qJEFzjLwEtc6aBfXO0hyI8v4PD/iVZbpn4 uxEcIFw40x9lzzBR8ELRTCXzt2pMxO1JDNsdbBCFpz0HZ8E1hmO7qJmwQLVy4zDE QGOdS0LmotbZ3yOrz18PuTPJJ6J0QWYe3ccnYy65li5wgjALlOI/0smueAJx/6NF 6QQEibES3Q6ZVXXx5aXT6PgLv2gHTa6IMEuCW1R16H0J6ulUKb+qRpxgwBbF0jl+ UdUJFd2zLoYEHiQj0HLFvqI7vGf+GIFwTULJdjVYaXfsJQEm7mc0XnTv6U61CiJj SLs+UC5jff0IuQGNBGl7qFIBDADZq/qL5L/RZvcG73EGKbLn8e38YsX5/Is3JIwn CJH96+++GGf5axN9ofg9EU5xMmXfaymYBPchsn1XzZ4NzEDZIDkME1qkbq0jzLk+ x47mgE+iJ3/9+lG/SCVnrgKF2NOc6gYBM4w6/t1268dqyuWIPCWwpeRNtNTAblJu PsASYfKac4FVp39A5BOxaOMW7a0HbpBe2A8B2srw1CXj9jFURqbLOe7cxpX1yu+a 76OEP0fjyI1UnOX/f9BFSwk6MT1nieECz+c5btQF+n1fAcQ95LU4ViaBjWoF3dem mlL88COaj6wiTmwCe2i8ZdBM7BDU1g/jMNd//GriXu2S1WIh+Je4yHpZNmyoldAU DFZrOQ/IR+a3QQGOv5zox3ZChGnm7U7IybQb3ChRuDL7bxMjei59F6fkpLY4sehD LcbYz+cAm4gE8cxl0xlTC7qBdfgyHTjEq8wGX/xJJuQj3Jx4kL6xnV3QoP/KfhM1 pUwEeDviVkZ1FBkZmmibjxlMitMAEQEAAYkBvAQYAQgAJhYhBIapHgGbe1KgtRHa RfWPi3UTorInBQJpe6hSAhsMBQkFo5qAAAoJEPWPi3UTorInA4kMANvKiSbo0R0N G8danWFUKmGrkCBwCgukBGLja7WF44vydyRgl1ToTmv3n9ll8yj8HmrSPrz1AU61 IWIm/4UuqpxZBi+6GPd7U0Xvv/QAIrr2vyJDnlFOvnhagJNLLIhz3S0OqLnm9CjL AMMRTiKSq22uG2qNcZX6uHW8WDdHP1ZJiRo5uE4yuccVOjJbKbWfTCYyeUAP3BPK pnZ3fG8Cz1rZtp5npEfn6PgIH9v/msGwuMNqzVk7hFsAgbPerZP/OeZfSr6dKWQF LEMQcgcXN0MPThvbzkcAsswKbCFFujqt2k68Aagl+ztqg7n487S4kO4AYG7Sbfa/ /VFX3PzInPnIjnXmmIm8x0keOaNwsMsq8ujAUxrpYuMfcwado96BMV+wLUxPS0oW UAq+K7aO5546jG9FSJ0sxHDDJd+v05D1NQtzc6xuIFlisC6k9qwWeESxYXk00sa+ GTJh0XlJ68WjjpeWjkVT1WDs4ad9bKwwMgYF6uW0C1F26dsRmHRmeQ== =/NAR -----END PGP PUBLIC KEY BLOCK----- -
Run the following command to import the key into your local RPM database.
sudo rpm --import crashplan.pub -
Run the check command against your downloaded installer file:
Replacexx.x.xin the examples below with the specific version number of your installer (for example,CrashPlan_11.0.0_Linux.rpm).rpm --checksig CrashPlan_xx.x.x_Linux.rpm -
Review the output of the command to determine if the file is safe to install.
Success: If the signature is valid, the output displays
OK. You may proceed with installation.CrashPlan_xx.x.x_Linux.rpm: digests signatures OKFailure: If the signature is invalid, the output displays
BADorNOT OK. Do not install the package. Download a fresh copy from the CrashPlan console and try again.CrashPlan_xx.x.x_Linux.rpm: MD5 sum BADError: If the output displays
NOKEY, the CrashPlan public key was not imported successfully. Retry Step 1 and Step 2.CrashPlan_xx.x.x_Linux.rpm: (SHA1) (MD5) NOKEY