I have been struggling to download Julia for a few days now (Slow South African internet connections!). The link seems to expire mid download. Eventually I got a full download (potentially). I would like to verify its integrity though.
Can any of you help me? Surprised that no checksums are provided (are they provided somewhere I don’t know about?
Here is what I tried:
$ gpg --verify ~/Downloads/JuliaPro-0.6.4.1_build-415.sh.asc ~/Downloads/JuliaPro-0.6.4.1_build-415.sh
gpg: Signature made Sat 14 Jul 2018 10:17:54 AM SAST
gpg: using RSA key 32E70AF909788F1E
gpg: Can’t check signature: No public key
Ok, I found another forum post which helped me. I entered the command to fetch the public keys just before.
`gpg --keyserver hkp://pgp.mit.edu:80 --recv-key 0x09788F1E`
gpg: key 32E70AF909788F1E: public key "Julia Computing, Inc. <pradeep@juliacomputing.com>" imported
gpg: Total number processed: 1
gpg: imported: 1
gpg --verify ~/Downloads/JuliaPro-0.6.4.1_build-415.sh.asc ~/Downloads/JuliaPro-0.6.4.1_build-415.sh
gpg: Signature made Sat 14 Jul 2018 10:17:54 AM SAST
gpg: using RSA key 32E70AF909788F1E
gpg: Good signature from “Julia Computing, Inc. pradeep@juliacomputing.com” [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: C4C9 1C1D 92AF 9163 ADAA 5186 32E7 0AF9 0978 8F1E
You can use gpg –verify command to verify JuliaPro Linux binaries, you have to pass .asc file and the JuliaPro Linux binary in question; as argument to gpg –verify command.
You have to download .asc file separately, link to download the .asc file is provided along with JuliaPro download links. Make sure Julia Computing GPG public keys are pre-installed on your system before executing gpg --verify. Julia Computing GPG public keys can be found in https://juliacomputing.com/products/faqs/juliaprofaq.html (Search for the question “Where can I find Julia Computing GPG public keys?” on the FAQ page)