Re: lenny iso signed with key 64E6EA7D

To: debian-user@lists.debian.org
Subject: Re: lenny iso signed with key 64E6EA7D
From: Rob Owens <rowens@ptd.net>
Date: Thu, 8 Jul 2010 19:26:36 -0400
Message-id: <[🔎] 20100708232636.GA24769@aurora.owens.net>
In-reply-to: <[🔎] E1OWd5m-000612-9r@jack.mossbank.org.uk>
References: <[🔎] 20100707215158.GA18315@aurora.owens.net> <[🔎] E1OWd5m-000612-9r@jack.mossbank.org.uk>

On Wed, Jul 07, 2010 at 11:27:46PM +0100, Steve McIntyre wrote:
> Rob Owens wrote:
> >I downloaded the latest Lenny netinst for i386.  The SHA512SUMS file is
> >signed with a key id of 64E6EA7D.  However, I can't find any info on
> >that key anywhere.  I tried searching public keyservers and googling for
> >it, but nothing has turned up.
> >
> >Call me paranoid, but I never install a system unless I can verify the
> >signature...
> >
> >Can anybody shed some light on this?
> 
> Hi Rob,
> 
> Which keyservers did you use?
> 
I used the ones that Seahorse defaults to: 

hkp://pgp.mit.edu:11371
ldap://keyserver.pgp.com
hkp://subkeys.pgp.net

> $ gpg --keyserver keys.gnupg.net --recv-keys 64E6EA7D
> gpg: requesting key 64E6EA7D from hkp server keys.gnupg.net
> gpg: key 64E6EA7D: public key "Debian CD signing key <debian-cd@lists.debian.org>" imported
> gpg: no ultimately trusted keys found
> gpg: Total number processed: 1
> gpg:               imported: 1  (RSA: 1)
> 
I tried this and it worked.  Thanks!

Seahorse seems to be acting a little flaky.  I can find this key by its
email address, but not its key ID, apparently.

> It's also on keyring.debian.org. I created the key for signing Debian
> CD releases, and it's signed by a number of people including two
> previous DPLs and members of the release team:
> 
I had tried rsyncing debian-keyring.gpg and then checking the signature
with that keyring, but it did not work.

rsync -az --progress keyring.debian.org::keyrings/keyrings/debian-keyring.gpg ./debian-keyring.gpg
gpg --keyring ./debian-keyring.gpg --verify SHA512SUMS.sign SHA512SUMS

...which gave me:
gpg: Signature made Sun 27 Jun 2010 09:05:47 PM EDT using RSA key ID 64E6EA7D
gpg: Can't check signature: public key not found

> $ gpg --list-sigs 64E6EA7D
> pub   4096R/64E6EA7D 2009-10-03
> uid                  Debian CD signing key <debian-cd@lists.debian.org>
> sig 3        64E6EA7D 2009-10-03  Debian CD signing key <debian-cd@lists.debian.org>
> sig          88C7C1F7 2009-10-03  Steve McIntyre <steve@einval.com>
> sig          3442684E 2009-10-03  Steve McIntyre <steve@einval.com>
> sig          AFF122B0 2009-10-03  Christopher J. Walker <C.J.Walker@physics.org>
> sig          29982E5A 2009-10-03  Steve Langasek <vorlon@dodds.net>
> sig          68FD549F 2009-10-05  Martin Michlmayr <tbm@cyrius.com>
> sig          01AA4A64 2009-10-03  Steve Langasek <steve.langasek@canonical.com>
> sig          AF6C61DD 2009-10-05  Martin Michlmayr <tbm@cyrius.com>
> sig          95861109 2009-10-06  Ben Hutchings (DOB: 1977-01-11)
> sig          A40F862E 2009-10-09  Neil McGovern <maulkin@halon.org.uk>
> sig          0125D5C0 2009-10-14  Philip Hands <phil@hands.com>
> 
Thanks for your help.

-Rob

Reply to:

Follow-Ups:
- Re: lenny iso signed with key 64E6EA7D
  - From: Steve McIntyre <steve@einval.com>

References:
- lenny iso signed with key 64E6EA7D
  - From: Rob Owens <rowens@ptd.net>
- Re: lenny iso signed with key 64E6EA7D
  - From: Steve McIntyre <steve@einval.com>

Prev by Date: Re: [Maxima] Bug in 'for', Maxima, Debian ?
Next by Date: Re: su and environment.
Previous by thread: Re: lenny iso signed with key 64E6EA7D
Next by thread: Re: lenny iso signed with key 64E6EA7D
Index(es):
- Date
- Thread