Need a VPN for Linux?Get ExpressVPN Now
Love ExpressVPN? Want a free month?Refer a friend now
This tutorial will show you how to verify that the installer for the ExpressVPN app for Linux really came from ExpressVPN. This involves a system called PGP, which ExpressVPN uses to digitally sign its installers for Linux.
To learn how to set up your VPN for Linux, see the setup tutorial for the ExpressVPN app for Linux.
Jump to section
Download the PGP key
Download the ExpressVPN PGP key by running the command:
gpg --keyserver x-hkp://pool.sks-keyservers.net --recv-keys 0xAFF2A1415F6A3A38
Verify the fingerprint of the PGP key
Run this command:
gpg --fingerprint 0xAFF2A1415F6A3A38 and verify the fingerprint is 1D0B 09AD 6C93 FEE9 3FDD BD9D AFF2 A141 5F6A 3A38
Verifying the signature on an installer
Now that you’ve installed ExpressVPN’s PGP key, you can use it to verify authenticity of files released by ExpressVPN. Whenever you download a new version of ExpressVPN for Linux, use the following steps to confirm that it was really issued by ExpressVPN:
Navigate to the folder where you downloaded the installer file. For example:
Once inside the folder, run one of the following commands:
Ubuntu / Debian 64-bit::
gpg --verify expressvpn_1.1.0_amd64.deb.asc
Ubuntu / Debian 32-bit::
gpg --verify expressvpn_1.1.0_i386.deb.asc
Fedora / CentOS 64-bit::
gpg --verify expressvpn-1.1.0-1.x86_64.rpm.asc
Fedora / CentOS 32-bit::
gpg --verify expressvpn-1.1.0-1.i386.rpm.asc
You should see the primary key fingerprint displayed as in the screen below.
Verify the fingerprint is 1D0B 09AD 6C93 FEE9 3FDD BD9D AFF2 A141 5F6A 3A38. This is the same fingerprint you saw above.