[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debmirror Public Key Not Found

On Thu, Sep 04, 2008 at 00:46:31 +0700, Zaki Akhmad wrote:
> Hi
> I am trying to make mirror debian repository to my portable harddisk.
> I am having difficulty with public key. Which public key I should
> export? To where?
> Here's the result after I execute debmirror
> Mirroring to main from ftp://anonymous@komo.vlsm.org//debian/
> Arches: i386
> Dists: sid
> Sections: main,contrib,non-free,main/debian-installer
> Will clean up AFTER mirroring.
> Pdiff mode: use.
> Attempting to get lock, this might take 2 minutes before it fails.
> Get Release files.
> [0%] Keeping: dists/sid/Release
> [0%] Keeping: dists/sid/Release.gpg
> gpgv: keyblock resource `/home/za/.gnupg/trustedkeys.gpg': general error

Does this file exist? If it does exist, what are its ownership and

> gpgv: Signature made Wed 03 Sep 2008 03:52:53 PM WIT using DSA key ID 6070D3A1
> [GNUPG:] ERRSIG A70DAF536070D3A1 17 2 00 1220431973 9
> gpgv: Can't check signature: public key not found
> Release signature does not verify.
> Errors:
>  Release signature does not verify.
> Failed to download some Release or Release.gpg files!
> WARNING: releasing 1 pending lock...
> Here's my list-key
> za@zara:~$ gpg --list-keys
> /home/za/.gnupg/pubring.gpg


That is your normal public keyring; debmirror seems to look for the
archive signing keys in a dedicated separate file:

If you do not have ~/.gnupg/trustedkeys.gpg then you can try to copy the
complete archive keyring file (as your normal user 'za'):

cp /usr/share/keyrings/debian-archive-keyring.gpg ~/.gnupg/trustedkeys.gpg

If you already have ~/.gnupg/trustedkeys.gpg and you want to add a certain key
to it then you can do something like this:

gpg --no-default-keyring -a --keyring /usr/share/keyrings/debian-archive-keyring.gpg --export A70DAF536070D3A1 | gpg --no-default-keyring --keyring ~/.gnupg/trustedkeys.gpg --import -

To check which keys are on the ~/.gnupg/trustedkeys.gpg keyring, use
this command:

gpg --no-default-keyring --keyring ~/.gnupg/trustedkeys.gpg --list-key

Regards,            | http://users.icfo.es/Florian.Kulzer
          Florian   |

Reply to: