Installation Error in openSUSE
Today I started to install moneydance_linux_amd64.rpm build 5253 in openSUSE Leap 15.6. Soon after startin the installation I got an error message:
Package header is not signed! Moneydance-2024.4.5253-1.i386 (Plain RPM files cache): Signature verification failed [6-File is unsigned]
I selected i to ignore and the installation continued.
I repeated the installation and I got the same message.
A couple of weeks earlier I installed the same downloaded file on Fedora. There I got no such message.
Keyboard shortcuts
Generic
| ? | Show this help |
|---|---|
| ESC | Blurs the current field |
Comment Form
| r | Focus the comment reply box |
|---|---|
| ^ + ↩ | Submit the comment |
You can use Command ⌘ instead of Control ^ on Mac
Support Staff 1 Posted by Maddy on 09 Apr, 2025 11:44 AM
Hi John,
Thank you for contacting Moneydance support.
You could navigate to this page and select md5sums. Then you should "save as".
Click on the moneydance_linux_amd64.rpm. It will download.
Navigate to the directoy with both files in it.
md5sum moneydance_linux_amd64.rpm
this will generate something like this:
"787363ea295fbb89f38fbd0d224b5773 moneydance_linux_amd64.rpm"
Verify that the big number matches what is in the md5sums file that you saved
grep 787363ea295fbb89f38fbd0d224b5773 md5sums
If it matches it will say something like:
"787363ea295fbb89f38fbd0d224b5773 *moneydance_linux_amd64.rpm"
Next:
dnf install .//moneydance_linux_amd64.rpm
(If you are upgrading use reinstall)
Finally, you should restart Moneydance.
I hope this information is helpful. Please let us know if you have further questions or need more assistance.
--
Maddy, Infinite Kind Support
2 Posted by FuzzyJohn on 09 Apr, 2025 01:32 PM
The MD5 checksum I have on the file I downloaded earlier is correct.
As I am just getting started in Linux, I was not aware that the dnf command can be used to install .rpm packages. I used the rpm command in both Fedora and openSUSE. Only openSUSE gave me the "not signed" message. Fedora simply installed it.
Both installations so far are running OK, without any problems.
When the next build is released I'll try to remember to use the dnf command to install in openSUSE.
Support Staff 3 Posted by Maddy on 09 Apr, 2025 01:41 PM
Thank you for reporting back.
I'm glad Moneydance is working fine now.
I'll close this discussion for now, but please don't hesitate to get back in touch, if you need further assistance.
--
Maddy, Infinite Kind Support
Maddy closed this discussion on 09 Apr, 2025 01:41 PM.
FuzzyJohn re-opened this discussion on 09 Apr, 2025 07:10 PM
4 Posted by FuzzyJohn on 09 Apr, 2025 07:10 PM
But Moneydance was working fine as far as I can tell.
My post was about the failed signature verification I got during the installation on openSUSE.
Support Staff 5 Posted by Maddy on 10 Apr, 2025 03:05 PM
Could you confirm the URL from which you downloaded Moneydance when you were returned the error you have reported?
There are web sites which offer versions of Moneydance with their own hacked software embedded in it, which would cause the code signature on Moneydance (and this the error you were seeing) to be triggered.
--
Maddy, Infinite Kind Support
6 Posted by FuzzyJohn on 10 Apr, 2025 03:17 PM
I downloaded moneydance_linux_amd64.rpm from https://infinitekind.com/stabledl/current/.
As I mentioned, the failed signature message came only from openSUSE Leap 15.6 (sudo zypper install moneydance_linux_amd64.rpml.
Fedora 41 KDE and Workstation, same downliaded file (sudo rpm -i moneydance_linux_amd64.rpm) produced no message.
Support Staff 7 Posted by Maddy on 10 Apr, 2025 04:50 PM
Thank you for the additional information, John!
I’d like to run your query past the development team who may be able to provide further information.
--
Maddy, Infinite Kind Support
8 Posted by FuzzyJohn on 19 Apr, 2025 01:14 AM
Just a small update: Fedora 42 KDE also flags the installation. See screenshot.
9 Posted by dwg on 19 Apr, 2025 08:24 AM
This sounds like there has been a recent change in OpenSuse and Fedora.
Support Staff 10 Posted by Maddy on 21 Apr, 2025 11:12 AM
@John
While the development team are looking into, it is possible to download the installer from our site and with https enabled, it is safe to ignore the signature message.
--
Maddy, Infinite Kind Support