Tails transitioned to a new signing key between Tails 1.3 (February 24) and Tails 1.3.1 (March 31). If you had the previous signing key, make sure to import and verify the new signing key.

Install seahorse-nautilus and shared-mime-info

You need to have recent enough versions of the seahorse-nautilus and shared-mime-info packages installed.

These packages are already installed in Tails.

The needed packages are available starting from:

  • Debian version 7 (Wheezy)
  • Ubuntu version 15.04 (Vivid)
In Debian Wheezy, the needed packages are only available as backports. See the setup instructions on the Debian Backports website to add them to your list of repositories. Then, to install the necessary packages, you can execute the following commands:
sudo apt-get update
sudo apt-get install seahorse-nautilus/wheezy-backports shared-mime-info/wheezy-backports
In Debian 8 (Jessie), Ubuntu 15.04 (Vivid), or later, to install the necessary packages, you can execute the following commands:
sudo apt update
sudo apt install seahorse-nautilus

If you are unable to install the necessary packages, try verifying the ISO using the command line.

Get the Tails signing key

If you are using Tails, you already have the signing key. Otherwise, first download Tails signing key:

Tails signing key

Your browser should propose you to open it with "Import Key". Choose this action. It will add Tails signing key to your keyring, the collection of OpenPGP keys you already imported:

What should the web browser do with this
file? Open with: Import Key (default)

You will get notified will the following message:

Key Imported. Imported a key for Tails
developers (offline long-term identity key) <tails@boum.org>

The GNOME notifications appear truncated on Tails 1.1 and later.
See ticket #7249.

Verify the ISO image

Now, download the cryptographic signature corresponding to the ISO image you want to verify:

Tails 1.4 signature

Your browser should propose you to open it with "Verify Signature". Choose this action to start the cryptographic verification:

What should the web browser do
with this file?  Open with: Verify Signature (default)

Browse your files to select the Tails ISO image you want to verify. Then, the verification will start. It can take several minutes:

Verifying

If the ISO image is correct you will get a notification telling you that the signature is good:

Goog Signature

If the ISO image is not correct you will get a notification telling you that the signature is bad:

Bad Signature: Bad or forged signature.