- Download the AMD public
key.
- Go to the AMD Downloads Website.
- In Download Verification, click the Public
Key for the installer you have selected to download.
There is a separate public key for each installer file.
This downloads xilinx-master-signing-key.asc.
- Confirm the download and import of the AMD public key.
- To import the key, enter the following command:
gpg --import ./xilinx-master-signing-key.asc
gpg --import ./xilinx-master-signing-key.asc gpg: keybox '/home/myuser/.gnupg/pubring.kbx' created gpg: /home/myuser/.gnupg/trustdb.gpg: trustdb created gpg: key 0x85D4B4BB1D692FDB: public key "Xilinx, Inc. (Xilinx Software signing key) <software@xilinx.com>" imported gpg: total number processed: 1 gpg: imported: 1 myuser@mymachine:4
- Set the trust level to ultimate. This
allows verification of the key signed by AMD.
- First, enter the following command to list the public
keys:
gpg --list-keys
gpg --list-keys /home/myuser/.gnupg/pubring.kbx ------------------------------- pub rsa4096/0x85D4B4BB1D692FDB 2018-04-10 [SC] Key fingerprint = 745F 4D5B 2402 441F 410F BD0D 85D4 B4BB 1D69 2FDB uid [ unknown] xilinx, Inc. (Xilinx Software signing key) <software@xilinx.com> sub rsa4096/0xE80A66CA2B176EF9 2018-04-10 [S] sub rsa4096/0xF991913DFE46B839 2018-04-10 [E} sub rsa4096/0xC93822D0B9087126 2018-04-10 [A] myuser@mymachine:$
- To specify the key to edit, enter the following command:
gpg --edit-key 0x85D4B4BB1D692FDB
gpg --edit-key 0x85D4B4BB1D692FDB gpg (GnuPG) 2.1.15; Copyright (C) 2016 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. pub rsa4096/0x85D4B4BB1D692FDB created: 2018-04-10 expires: never usage: SC trust: unknown validity: unknown sub rsa4096/0xE80A66CA2B176EF9 created: 2018-04-10 expires: never usage: S sub rsa4096/0xF991913DFE468839 created: 2018-04-10 expires: never usage: E sub rsa4096/0xC93822D0B9087126 created: 2018-04-10 expires: never usage: A [ unknown] (1). Xilinx, Inc. (Xilinx Software signing key) <software@xilinx.com>
- Enter the following command to set the trust level for
the legitimate key:
trust
gpg> trust pub rsa4096/0x85D4B4BB1D692FDB created: 2018-04-10 expires: never usage: SC trust: unknown validity: unknown sub rsa4096/0xE80A66CA2B176EF9 created: 2018-04-10 expires: never usage: S sub rsa4096/0xF991913DFE468839 created: 2018-04-10 expires: never usage: E sub rsa4096/0xC93822D0B9087126 created: 2018-04-10 expires: never usage: A [ unknown] (1). Xilinx, Inc. (Xilinx Software signing key) <software@xilinx.com> Please decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.) 1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu
- Enter
5
at the prompt.Your decision? 5 Do you really want to set this key to ultimate trust? (y/n) y pub rsa4096/0x85D4B4BB1D692FDB created: 2018-04-10 expires: never usage: SC trust: ultimate validity: unknown sub rsa4096/0xE80A66CA2B176EF9 created: 2018-04-10 expires: never usage: S sub rsa4096/0xF991913DFE468839 created: 2018-04-10 expires: never usage: E sub rsa4096/0xC93822D0B9087126 created: 2018-04-10 expires: never usage: A [ unknown] (1). Xilinx, Inc. (Xilinx Software signing key) <software@xilinx.com> Please note that the shown key validity is not necessarily correct unless you restart the program. gpg> q myuser@mymachine:$
- First, enter the following command to list the public
keys:
Now that you have downloaded, imported, and
trusted the AMD public key – you can ensure the
authenticity and integrity of the downloaded file by verifying the signature or
verifying the digest.
Note: You
can pick one or both of methods to ensure the authenticity and integrity of
downloaded file.