[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

gpg keys, secure apt

OK. I give up. My apt keys are all screwed up. I think.

'apt-get install anjuta anjuta-common' says:

----------------
Reading package lists... Done
Building dependency tree... Done
Suggested packages:
  libgtk2.0-dev libgtkmm2.0-dev libgnome2-dev libgnomemm2.0-dev
devhelp-books glade-2 glade-gnome-2
Recommended packages:
  cvs automake autoconf indent ctags devhelp gnome-devel libtool
The following packages will be upgraded:
  anjuta anjuta-common
2 upgraded, 0 newly installed, 0 to remove and 301 not upgraded.
Need to get 0B/6822kB of archives.
After unpacking 487kB of additional disk space will be used.
Authenticating /var/cache/apt/archives/anjuta-common_1.2.4a-2_all.deb ...
debsig: Origin Signature check failed. This deb might not be signed.

dpkg: error
processing /var/cache/apt/archives/anjuta-common_1.2.4a-2_all.deb
(--unpack):
 Verification on
package /var/cache/apt/archives/anjuta-common_1.2.4a-2_all.deb failed!
Authenticating /var/cache/apt/archives/anjuta_1.2.4a-2_i386.deb ...
debsig: Origin Signature check failed. This deb might not be signed.

dpkg: error processing /var/cache/apt/archives/anjuta_1.2.4a-2_i386.deb
(--unpack):
 Verification on
package /var/cache/apt/archives/anjuta_1.2.4a-2_i386.deb failed!
Errors were encountered while processing:
 /var/cache/apt/archives/anjuta-common_1.2.4a-2_all.deb
 /var/cache/apt/archives/anjuta_1.2.4a-2_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
--------------------

'dpkg -i --force-bad-verify anjuta-common_1.2.4a-2_all.deb'

complains, but works. And anjuta launches (last version didn't).


I've done the wgets and apt-key adds (twice to get rid of the untrusted
key whinage) of the 2005 and 2006 ftpmaster keys. 'apt-key list' says:

---------------
pub   1024D/2D230C5F 2006-01-03 [expires: 2007-02-07]
uid                  Debian Archive Automatic Signing Key (2006)
<ftpmaster@debian.org>

pub   1024D/4F368D5D 2005-01-31 [expires: 2006-01-31]
uid                  Debian Archive Automatic Signing Key (2005)
<ftpmaster@debian.org>

pub   1024D/1F41B907 1999-10-03
uid                  Christian Marillat <marillat@debian.org>
uid                  Christian Marillat <marillat@free.fr>
sub   1536g/C28DCC42 1999-10-03
sub   1024D/5D3877A7 2002-08-26
----------------------

A package from the marillat repositories doesn't verify either:

--------------------
apt-get install --reinstall lame
Reading package lists... Done
Building dependency tree... Done
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 311 not
upgraded.
Need to get 232kB of archives.
After unpacking 0B of additional disk space will be used.
Do you want to continue [Y/n]?
Get:1 ftp://ftp.nerim.net sid/main lame 3.96.1-1 [232kB]
Fetched 232kB in 7s (30.5kB/s)
Authenticating /var/cache/apt/archives/lame_3.96.1-1_i386.deb ...
debsig: Origin Signature check failed. This deb might not be signed.

dpkg: error processing /var/cache/apt/archives/lame_3.96.1-1_i386.deb
(--unpack):
 Verification on package /var/cache/apt/archives/lame_3.96.1-1_i386.deb
failed!
Errors were encountered while processing:
 /var/cache/apt/archives/lame_3.96.1-1_i386.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
--------------------

mkdebmirror says the keys are good. I'm using the mit repository. My
system is sid i386, kernel 2.6.12-1-386. apt-get is v 0.6.43.1. 

I know this subject has been beaten to death on this list (because I've
followed the suggestions, and they don't work), but I haven't been able
to upgrade for far too long. I think I did something that bent apt
horribly because things seemed to be working until I 'learned' about
gpg. 

Is there a way to start over with apt? Is that what I should do? Do you
have a more informed guess as to what's broken?

-- 
Glenn English
ghe@slsware.com
Reply to: