FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux General Discussion

 
 
LinkBack Thread Tools
 
Old 12-20-2011, 01:49 PM
Keshav P R
 
Default Unable to upgrade community/rekonq (PGP signature issue)

On Tue, Dec 20, 2011 at 20:06, Gaetan Bisson <bisson@archlinux.org> wrote:

> [2011-12-20 19:38:19 +0530] Keshav P R:
> > error: rekonq: key "22AD5874F39D989F" is unknown
> > error: key "22AD5874F39D989F" could not be looked up remotely
>
> This seems to be Peter Lewis signing with (one of his many) subkeys...
> (Not sure why he does that.)
>
> Do `gpg --recv-key E19DAA50` (primary ID) to get his key.
>
> --
> Gaetan
>

Thanks. I did

# pacman-key --recv-keys E19DAA50
# pacman-key --refresh-keys

There seems to be many new User IDs and Signatures. Should I do "pacman-key
--refresh-keys" periodically?

Regards.

Keshav
 
Old 12-20-2011, 01:50 PM
Denis A. Altoé Falqueto
 
Default Unable to upgrade community/rekonq (PGP signature issue)

On Tue, Dec 20, 2011 at 12:08 PM, Keshav P R
<the.ridikulus.rat@gmail.com> wrote:
> Hi all,
> * * * * I am unable to upgrade community/rekonq from 0.8.0-1 to 0.8.1-1
> due to
>
> error: rekonq: key "22AD5874F39D989F" is unknown
> error: key "22AD5874F39D989F" could not be looked up remotely
> error: failed to commit transaction (invalid or corrupted package (PGP
> signature))
> Errors occurred, no packages were upgraded.

I've had some issues like that, but retrying the update somehow makes
it download the key. Have you retried the update?

--
A: Because it obfuscates the reading.
Q: Why is top posting so bad?
For mor information, please read: http://idallen.com/topposting.html

-------------------------------------------
Denis A. Altoe Falqueto
Linux user #524555
-------------------------------------------
 
Old 12-20-2011, 02:01 PM
Keshav P R
 
Default Unable to upgrade community/rekonq (PGP signature issue)

On Tue, Dec 20, 2011 at 20:20, Denis A. Altoé Falqueto <
denisfalqueto@gmail.com> wrote:

> On Tue, Dec 20, 2011 at 12:08 PM, Keshav P R
> <the.ridikulus.rat@gmail.com> wrote:
> > Hi all,
> > I am unable to upgrade community/rekonq from 0.8.0-1 to 0.8.1-1
> > due to
> >
> > error: rekonq: key "22AD5874F39D989F" is unknown
> > error: key "22AD5874F39D989F" could not be looked up remotely
> > error: failed to commit transaction (invalid or corrupted package (PGP
> > signature))
> > Errors occurred, no packages were upgraded.
>
> I've had some issues like that, but retrying the update somehow makes
> it download the key. Have you retried the update?
>
>
I retried the update many times and also tried "--recv-keys
22AD5874F39D989F" but both didn't work.

- Keshav
 
Old 12-20-2011, 02:06 PM
Keshav P R
 
Default Unable to upgrade community/rekonq (PGP signature issue)

On Tue, Dec 20, 2011 at 20:25, Gaetan Bisson <bisson@archlinux.org> wrote:

> [2011-12-20 20:19:13 +0530] Keshav P R:
> > There seems to be many new User IDs and Signatures. Should I do
> "pacman-key
> > --refresh-keys" periodically?
>
> Actually, `--refresh-keys` will only update signatures; to get the new
> keys you must either import them from pacman as you install packages
> signed by previously unseen keys, or use an ugly script like that to get
> all new keys at once:
>
> curl https://www.archlinux.org/{developers,trustedusers}/ |
> awk -F" '(/pgp.mit.edu/) {sub(/.*search=0x/,"");print $1}' |
> xargs sudo pacman-key --recv-keys
>
> --
> Gaetan
>

Now that I have refreshed the list of keys. How should I import them all?
Should I do

# pacman-key --updatedb

or whenever I install a package which is signed with one of the new keys,
will pacman import the key automatically? Sorry I am not used to this
package signing of PGP thingy? Anyway thanks for you help (and for the
"ugly" script). I have updated rekonq and now downloading Qt 4.8 and all
other packages.

Regards.

Keshav
 
Old 12-20-2011, 02:57 PM
Peter Lewis
 
Default Unable to upgrade community/rekonq (PGP signature issue)

On Wednesday 21 Dec 2011 01:36:35 Gaetan Bisson wrote:
> [2011-12-20 19:38:19 +0530] Keshav P R:
> > error: rekonq: key "22AD5874F39D989F" is unknown
> > error: key "22AD5874F39D989F" could not be looked up remotely

I opened a bug about this a couple of days ago: FS#27612.

> This seems to be Peter Lewis signing with (one of his many) subkeys...

You're right, it seems to be to do with the use of a subkey.

> (Not sure why he does that.)

Heh heh. This basically explains the reason quite well:

http://wiki.debian.org/subkeys

I have my master key stored offline, and I hope it will last forever without
being compromised and I won't have to go around getting my key signed again.
Also, the subkeys are only stored on a smart-card and, so I'm told, can't be
taken off it. (I know, call me paranoid...)


> Do `gpg --recv-key E19DAA50` (primary ID) to get his key.

Did this:

% pacman-key -r 22AD5874F39D989F

not work for you? I was discussing this problem with Seblu earlier and we
could both just do this, only it wouldn't be imported automatically by pacman.

Pete.
 
Old 12-20-2011, 03:29 PM
Peter Lewis
 
Default Unable to upgrade community/rekonq (PGP signature issue)

On Wednesday 21 Dec 2011 03:15:58 Gaetan Bisson wrote:
> [2011-12-20 15:57:02 +0000] Peter Lewis:
> > I have my master key stored offline, and I hope it will last forever
>
> I see. It's just to bad that it is only 1024-bit long... RSA and DSA
> keys of this length will probably be crackable in ten/fifteen years.
> (And I'm sure the NSA can already do it.)

s/forever/longer than it's likely to otherwise with me at the helm/

;-)

To be honest, I'm no expert in this, but when I first set all this gnupg stuff
up, I read that it was a good idea. Seems to be better than not doing it this
way, at least.

Pete.
 
Old 12-20-2011, 05:56 PM
Keshav P R
 
Default Unable to upgrade community/rekonq (PGP signature issue)

On Tue, Dec 20, 2011 at 21:27, Peter Lewis <plewis@aur.archlinux.org> wrote:

> On Wednesday 21 Dec 2011 01:36:35 Gaetan Bisson wrote:
> > [2011-12-20 19:38:19 +0530] Keshav P R:
> > > error: rekonq: key "22AD5874F39D989F" is unknown
> > > error: key "22AD5874F39D989F" could not be looked up remotely
>
> I opened a bug about this a couple of days ago: FS#27612.
>
> > This seems to be Peter Lewis signing with (one of his many) subkeys...
>
> You're right, it seems to be to do with the use of a subkey.
>
> > (Not sure why he does that.)
>
> Heh heh. This basically explains the reason quite well:
>
> http://wiki.debian.org/subkeys
>
> I have my master key stored offline, and I hope it will last forever
> without
> being compromised and I won't have to go around getting my key signed
> again.
> Also, the subkeys are only stored on a smart-card and, so I'm told, can't
> be
> taken off it. (I know, call me paranoid...)
>
>
> > Do `gpg --recv-key E19DAA50` (primary ID) to get his key.
>
> Did this:
>
> % pacman-key -r 22AD5874F39D989F
>
> not work for you? I was discussing this problem with Seblu earlier and we
> could both just do this, only it wouldn't be imported automatically by
> pacman.
>
> Pete.
>

I guess this has something to do with using keys.gnupg.net instead of
pgp.mit.edu. I had issues with keys.gnupg.net (versy slow dueing initial
keyring creation) and came across pgp.mit.edu as an alternative and faster
keyserver. I changed the keyserver and tried "pacman -S rekonq" again
thinking that would solve the problem but it didn't. I didn't know about
subkeys etc. and thats why I started this thread. But manually importing
the key using pacman-key after changing the keyserver didn't cross my mind
since I thought pacman should obviously do that by itself. Anyway all's
well now. Thanks for your help.

Regards.

Keshav
 

Thread Tools




All times are GMT. The time now is 10:20 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org