- Download the AMD public
key.
- Go to the AMD Downloads Website.
- In Download Verification, click the Public
Key for the installer you have selected to download.
There is a separate public key for each installer file.
This downloads xilinx-master-signing-key.asc.
- Confirm the download and import of the AMD public key.
- To import the key, enter the following command:
gpg --import ./xilinx-master-signing-key.ascgpg --import ./xilinx-master-signing-key.asc gpg: keybox '/home/myuser/.gnupg/pubring.kbx' created gpg: /home/myuser/.gnupg/trustdb.gpg: trustdb created gpg: key 0x85D4B4BB1D692FDB: public key "Xilinx, Inc. (Xilinx Software signing key) <software@xilinx.com>" imported gpg: total number processed: 1 gpg: imported: 1 myuser@mymachine:4 - Set the trust level to ultimate. This
allows verification of the key signed by AMD.
- First, enter the following command to list the public
keys:
gpg --list-keysgpg --list-keys /home/myuser/.gnupg/pubring.kbx ------------------------------- pub rsa4096/0x85D4B4BB1D692FDB 2018-04-10 [SC] Key fingerprint = 745F 4D5B 2402 441F 410F BD0D 85D4 B4BB 1D69 2FDB uid [ unknown] xilinx, Inc. (Xilinx Software signing key) <software@xilinx.com> sub rsa4096/0xE80A66CA2B176EF9 2018-04-10 [S] sub rsa4096/0xF991913DFE46B839 2018-04-10 [E} sub rsa4096/0xC93822D0B9087126 2018-04-10 [A] myuser@mymachine:$ - To specify the key to edit, enter the following command:
gpg --edit-key 0x85D4B4BB1D692FDBgpg --edit-key 0x85D4B4BB1D692FDB gpg (GnuPG) 2.1.15; Copyright (C) 2016 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. pub rsa4096/0x85D4B4BB1D692FDB created: 2018-04-10 expires: never usage: SC trust: unknown validity: unknown sub rsa4096/0xE80A66CA2B176EF9 created: 2018-04-10 expires: never usage: S sub rsa4096/0xF991913DFE468839 created: 2018-04-10 expires: never usage: E sub rsa4096/0xC93822D0B9087126 created: 2018-04-10 expires: never usage: A [ unknown] (1). Xilinx, Inc. (Xilinx Software signing key) <software@xilinx.com> - Enter the following command to set the trust level for the legitimate key:
trustgpg> trust pub rsa4096/0x85D4B4BB1D692FDB created: 2018-04-10 expires: never usage: SC trust: unknown validity: unknown sub rsa4096/0xE80A66CA2B176EF9 created: 2018-04-10 expires: never usage: S sub rsa4096/0xF991913DFE468839 created: 2018-04-10 expires: never usage: E sub rsa4096/0xC93822D0B9087126 created: 2018-04-10 expires: never usage: A [ unknown] (1). Xilinx, Inc. (Xilinx Software signing key) <software@xilinx.com> Decide how far you trust this user to correctly verify other users' keys (by looking at passports, checking fingerprints from different sources, etc.) 1 = I don't know or won't say 2 = I do NOT trust 3 = I trust marginally 4 = I trust fully 5 = I trust ultimately m = back to the main menu - Enter
5at the prompt.Your decision? 5 Do you really want to set this key to ultimate trust? (y/n) y pub rsa4096/0x85D4B4BB1D692FDB created: 2018-04-10 expires: never usage: SC trust: ultimate validity: unknown sub rsa4096/0xE80A66CA2B176EF9 created: 2018-04-10 expires: never usage: S sub rsa4096/0xF991913DFE468839 created: 2018-04-10 expires: never usage: E sub rsa4096/0xC93822D0B9087126 created: 2018-04-10 expires: never usage: A [ unknown] (1). Xilinx, Inc. (Xilinx Software signing key) <software@xilinx.com> Note that the shown key validity is not necessarily correct unless you restart the program. gpg> q myuser@mymachine:$
- First, enter the following command to list the public
keys:
Now that you downloaded, imported, and trusted the
AMD public key, you can ensure the
authenticity and integrity of the downloaded file by verifying the signature or
verifying the digest.
Note: You
can pick one or both of methods to ensure the authenticity and integrity of
downloaded file.