Preferable way is to download tarball with the signature from official
website:
- % wget http://pygost.cypherpunks.ru/pygost-2.3.tar.xz
- % wget http://pygost.cypherpunks.ru/pygost-2.3.tar.xz.sig
- % gpg --verify pygost-2.3.tar.xz.sig pygost-2.3.tar.xz
- % xz -d < pygost-2.3.tar.xz | tar xf -
- % cd pygost-2.3
+ % wget http://pygost.cypherpunks.ru/pygost-3.7.tar.xz
+ % wget http://pygost.cypherpunks.ru/pygost-3.7.tar.xz.sig
+ % gpg --verify pygost-3.7.tar.xz.sig pygost-3.7.tar.xz
+ % xz -d < pygost-3.7.tar.xz | tar xf -
+ % cd pygost-3.7
% python setup.py install
But also you can use PIP (NO authentication is performed!):
- % pip install pygost==2.3
+ % pip install pygost==3.7
You have to verify downloaded tarballs integrity and authenticity to be
sure that you retrieved trusted and untampered software. GNU Privacy