Downloading manually Tor browser for Linux and the signature file from the original site and following the instruction given here: https://www.torproject.org/docs/verifying-signatures.html.en [/tmp/download]: gpg --keyserver pool.sks-keyservers.net --recv-keys 0x4E2C6E8793298290 gpg: requesting key 93298290 from hkp server pool.sks-keyservers.net gpg: key 93298290: public key "Tor Browser Developers (signing key) <torbrowser@torproject.org>" imported gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1) [/tmp/download]: gpg --fingerprint 0x4E2C6E8793298290 pub 4096R/93298290 2014-12-15 [expires: 2020-08-24] Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 uid [ unknown] Tor Browser Developers (signing key) <torbrowser@torproject.org> sub 4096R/C3C07136 2016-08-24 [expires: 2018-08-24] [/tmp/download]: gpg --verify tor-browser-linux64-7.5_en-US.tar.xz.asc tor-browser-linux64-7.5_en-US.tar.xz gpg: Signature made Tue 23 Jan 2018 02:50:13 AM EET using RSA key ID C3C07136 gpg: Good signature from "Tor Browser Developers (signing key) <torbrowser@torproject.org>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 Subkey fingerprint: A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136 [/tmp/download]: