~$ sudo apt build-dep wget Reading package lists... Done Reading package lists... Done Building dependency tree Reading state information... Done ... The following NEW packages will be installed: libidn11-dev libtext-unidecode-perl tex-common texinfo The following packages will be upgraded: libidn11 libidn11:i386 2 upgraded, 4 newly installed, 0 to remove and 381 not upgraded. Need to get 1,498 kB of archives. After this operation, 8,750 kB of additional disk space will be used. Do you want to continue? [Y/n] y ... Processing triggers for man-db (2.8.3-2ubuntu0.1) ... Setting up texinfo (6.5.0.dfsg.1-2) ... Setting up libidn11:amd64 (1.33-2.1ubuntu1.2) ... Setting up libidn11:i386 (1.33-2.1ubuntu1.2) ... Setting up libidn11-dev (1.33-2.1ubuntu1.2) ... Processing triggers for libc-bin (2.27-3ubuntu1) ...
~$ gpg --verify wget_1.17.1-1ubuntu1.5.dsc gpg: Signature made Tue 09 Apr 2019 03:56:48 AM CST using RSA key ID 840B1F69 gpg: Can't check signature: No public key ~$ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 840B1F69 gpg: key 840B1F69: 10 signatures not checked due to missing keys gpg: key 840B1F69: public key "Leonidas S. Barbosa <leo.barbosa@canonical.com>" imported gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: next trustdb check due at 2021-04-12 gpg: Total number processed: 1 gpg: imported: 1 ~$ gpg --edit-key 840B1F69 gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. pub rsa4096/840B1F69 created: 2017-06-09 expires: never usage: SC trust: unknown validity: unknown sub rsa4096/428BA46A created: 2017-06-09 expires: never usage: E [ unknown] (1). Leonidas S. Barbosa <leo.barbosa@canonical.com> [ unknown] (2) Leonidas S. Barbosa <lndsbarbosa@gmail.com> [ unknown] (3) Leonidas S. Barbosa <leo.leonidas@canonical.com> gpg> uid 1 pub rsa4096/840B1F69 created: 2017-06-09 expires: never usage: SC trust: unknown validity: unknown sub rsa4096/428BA46A created: 2017-06-09 expires: never usage: E [ unknown] (1)* Leonidas S. Barbosa <leo.barbosa@canonical.com> [ unknown] (2) Leonidas S. Barbosa <lndsbarbosa@gmail.com> [ unknown] (3) Leonidas S. Barbosa <leo.leonidas@canonical.com> gpg> lsign pub rsa4096/840B1F69 created: 2017-06-09 expires: never usage: SC trust: unknown validity: unknown Primary key fingerprint: 7FE7 9B44 5728 C8EA 0042 839E 45BC E75B 840B 1F69 Leonidas S. Barbosa <leo.barbosa@canonical.com> Are you sure that you want to sign this key with your key "luo.runbing (https://www.example.com/) <luo.runbing@example.com>" (C7E8A950) The signature will be marked as non-exportable. Really sign? (y/N) y gpg> lsign Really sign all text user IDs? (y/N) y "Leonidas S. Barbosa <leo.barbosa@canonical.com>" was already locally signed by key C7E8A950 pub rsa4096/840B1F69 created: 2017-06-09 expires: never usage: SC trust: full validity: full Primary key fingerprint: 7FE7 9B44 5728 C8EA 0042 839E 45BC E75B 840B 1F69 Leonidas S. Barbosa <lndsbarbosa@gmail.com> Leonidas S. Barbosa <leo.leonidas@canonical.com> Are you sure that you want to sign this key with your key "luo.runbing (https://www.example.com/) <luo.runbing@example.com>" (C7E8A950) The signature will be marked as non-exportable. Really sign? (y/N) y gpg> trust pub rsa4096/840B1F69 created: 2017-06-09 expires: never usage: SC trust: unknown validity: full sub rsa4096/428BA46A created: 2017-06-09 expires: never usage: E [ full ] (1). Leonidas S. Barbosa <leo.barbosa@canonical.com> [ full ] (2) Leonidas S. Barbosa <lndsbarbosa@gmail.com> [ full ] (3) Leonidas S. Barbosa <leo.leonidas@canonical.com> Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.)
1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu
Your decision? 4
pub rsa4096/840B1F69 created: 2017-06-09 expires: never usage: SC trust: full validity: full sub rsa4096/428BA46A created: 2017-06-09 expires: never usage: E [ full ] (1). Leonidas S. Barbosa <leo.barbosa@canonical.com> [ full ] (2) Leonidas S. Barbosa <lndsbarbosa@gmail.com> [ full ] (3) Leonidas S. Barbosa <leo.leonidas@canonical.com> Please note that the shown key validity is not necessarily correct unless you restart the program.
~$ gpg --verify wget_1.17.1-1ubuntu1.5.dsc gpg: Signature made Tue 09 Apr 2019 03:56:48 AM CST using RSA key ID 840B1F69 gpg: Good signature from "Leonidas S. Barbosa <leo.barbosa@canonical.com>" [full] gpg: aka "Leonidas S. Barbosa <lndsbarbosa@gmail.com>" [full] gpg: aka "Leonidas S. Barbosa <leo.leonidas@canonical.com>" [full]