[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to get new Debian gpg keys?



on Wed, Jan 04, 2006 at 12:25:15AM -0500, Joey Hess (joeyh@debian.org) wrote:
> Edward C. Jones wrote:
> > I am getting the following message from synaptic:
> > 
> > W: GPG error: http://ftp.us.debian.org unstable Release: The following 
> > signatures couldn't be verified because the public key is not available: 
> > NO_PUBKEY 010908312D230C5F
> > 
> > From what I have read, this is going to happen every January. What do I 
> > do? Where in the Debian documentation is the procedure I need to use 
> > documented?
> 
> wget http://ftp-master.debian.org/ziyi_key_2006.asc -O - | sudo apt-key add -

In my case the following (pasting together a couple of shell
histories...) seemed to do the trick:

    apt-get install debian-keyring 
    gpg --import /usr/share/keyrings/debian-keyring.gpg 
    gpg --armor --export  010908312D230C5F 07DC563D1F41B907 07DC563D1F41B907 |
        apt-key add -

... modulo values of keys (those were the ones aptitude was bitching
about).

Any harm in exporting root's GPG keys into apt-key?  I currently only
have four (Debian's autosign keys + a third-party archive) present.
 
> Secure apt is too young for us to have a well-defined procedure for
> dealing with this. Apparently they tried to do a two-step transition
> that would have allowed apt to download a new version of itself that
> knew about the new key before the old key expires, but the way it's been
> done so far has not worked due to a bug in apt.

Glad to see it's finally happening, nonetheless, and appreciate your
hints as always.


Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    America Trans Air (ATA) customer service sucks:
     http://kmself.home.netcom.com/Rants/ata-sucks.html

Attachment: signature.asc
Description: Digital signature


Reply to: