Problem mit debmirror und keys
Ich erstelle und aktualisiere mit debmirror ein lokales Debian Repository.
Das hat seit Jahren bis letzten August einwandfrei funktioniert, seit
heute aber nicht mehr.
Nach Aufruf von debmirror erhalte ich folgende Meldungen:
>Getting meta files ...
>[ 0%] Getting: dists/stretch/Release... ok
>[ 0%] Getting: dists/stretch/InRelease... failed 404 Not Found
>[ 0%] Getting: dists/stretch/Release.gpg... ok
>Failed to download some Release, Release.gpg or InRelease files!
>WARNING: releasing 1 pending lock...
>[GNUPG:] NEWSIG
>[GNUPG:] KEY_CONSIDERED E1CF20DDFFE4B89E802658F1E0B11894F66AEC98 0
>[GNUPG:] SIG_ID lkB31RgL+oOs8kuvIPys6Q00n2A 2021-08-14 1628927004
>[GNUPG:] KEY_CONSIDERED E1CF20DDFFE4B89E802658F1E0B11894F66AEC98 0
>[GNUPG:] GOODSIG 04EE7237B7D453EC Debian Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>
>[GNUPG:] VALIDSIG 16E90B3FDF65EDE3AA7F323C04EE7237B7D453EC 2021-08-14 1628927004 0 4 0 1 8 00 E1CF20DDFFE4B89E802658F1E0B11894F66AEC98
>[GNUPG:] NEWSIG
>[GNUPG:] KEY_CONSIDERED 80D15823B7FD1561F9F7BCDDDC30D7C23CBBABEE 0
>[GNUPG:] SIG_ID FPNI/eDnJeJgaQtcKKBq8TwgBUc 2021-08-14 1628927005
>[GNUPG:] KEY_CONSIDERED 80D15823B7FD1561F9F7BCDDDC30D7C23CBBABEE 0
>[GNUPG:] GOODSIG 648ACFD622F3D138 Debian Archive Automatic Signing Key (10/buster) <ftpmaster@debian.org>
>[GNUPG:] VALIDSIG 0146DC6D4A0B2914BDED34DB648ACFD622F3D138 2021-08-14 1628927005 0 4 0 1 8 00 80D15823B7FD1561F9F7BCDDDC30D7C23CBBABEE
>[GNUPG:] NEWSIG
>[GNUPG:] ERRSIG 0E98404D386FA1D9 1 8 00 1628930779 9
>[GNUPG:] NO_PUBKEY 0E98404D386FA1D9
>[GNUPG:] NEWSIG debian-release@lists.debian.org
>[GNUPG:] KEY_CONSIDERED 067E3C456BAE240ACEE88F6FEF0F382A1A7B6500 0
>[GNUPG:] SIG_ID HWV+qXjmi5CbakugxADtq0nHAmc 2021-08-14 1628929603
>[GNUPG:] KEY_CONSIDERED 067E3C456BAE240ACEE88F6FEF0F382A1A7B6500 0
>[GNUPG:] GOODSIG EF0F382A1A7B6500 Debian Stable Release Key (9/stretch) <debian-release@lists.debian.org>
>[GNUPG:] VALIDSIG 067E3C456BAE240ACEE88F6FEF0F382A1A7B6500 2021-08-14 1628929603 0 4 0 1 8 00 067E3C456BAE240ACEE88F6FEF0F382A1A7B6500
>gpgv: Signature made Sa 14 Aug 2021 09:43:24 CEST
>gpgv: using RSA key 16E90B3FDF65EDE3AA7F323C04EE7237B7D453EC
>gpgv: Good signature from "Debian Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>"
>gpgv: Signature made Sa 14 Aug 2021 09:43:25 CEST
>gpgv: using RSA key 0146DC6D4A0B2914BDED34DB648ACFD622F3D138
>gpgv: Good signature from "Debian Archive Automatic Signing Key (10/buster) <ftpmaster@debian.org>"
>gpgv: Signature made Sa 14 Aug 2021 10:46:19 CEST
>gpgv: using RSA key A7236886F3CCCAAD148A27F80E98404D386FA1D9
>gpgv: Can't check signature: Kein öffentlicher Schlüssel
>gpgv: Signature made Sa 14 Aug 2021 10:26:43 CEST
>gpgv: using RSA key 067E3C456BAE240ACEE88F6FEF0F382A1A7B6500
>gpgv: issuer "debian-release@lists.debian.org"
>gpgv: Good signature from "Debian Stable Release Key (9/stretch) <debian-release@lists.debian.org>"
>gpgv: Signature made Sa 14 Aug 2021 09:43:24 CEST
>gpgv: using RSA key 16E90B3FDF65EDE3AA7F323C04EE7237B7D453EC
>gpgv: Good signature from "Debian Archive Automatic Signing Key (9/stretch) <ftpmaster@debian.org>"
>gpgv: Signature made Sa 14 Aug 2021 09:43:25 CEST
>gpgv: using RSA key 0146DC6D4A0B2914BDED34DB648ACFD622F3D138
>gpgv: Good signature from "Debian Archive Automatic Signing Key (10/buster) <ftpmaster@debian.org>"
>gpgv: Signature made Sa 14 Aug 2021 10:46:19 CEST
>gpgv: using RSA key A7236886F3CCCAAD148A27F80E98404D386FA1D9
>gpgv: Can't check signature: Kein öffentlicher Schlüssel
>gpgv: Signature made Sa 14 Aug 2021 10:26:43 CEST
>gpgv: using RSA key 067E3C456BAE240ACEE88F6FEF0F382A1A7B6500
>gpgv: issuer "debian-release@lists.debian.org"
>gpgv: Good signature from "Debian Stable Release Key (9/stretch) <debian-release@lists.debian.org>"
>.temp/.tmp/dists/stretch/Release.gpg signature does not verify.
>Errors:
> .temp/.tmp/dists/stretch/Release.gpg signature does not verify>
Das es hier um irgend welche Schlüssel geht, die debmirror nicht findet,
ist mir schon klar. Aber welche sind das und wo bekomme ich die her?
Reply to: