Re: gpg says no user ID

To: Henning Follmann <hfollmann@itcfollmann.com>, Debian User <debian-user@lists.debian.org>
Subject: Re: gpg says no user ID
From: Thomas George <debianlist@mailfence.com>
Date: Tue, 15 Nov 2022 12:22:18 -0500
Message-id: <[🔎] e5b43ad5-3ec1-6e0d-10c6-74d9a890f9b6@mailfence.com>
In-reply-to: <[🔎] Y3NG7fipKWKDfKWA@zeus.localnet>
References: <[🔎] 16a05b15-274e-787f-c951-422c76ffc33f@mailfence.com> <[🔎] Y3NG7fipKWKDfKWA@zeus.localnet>

Close, almost there.  At the end something goes wrong. Here is the output:

gpg2 keyserver keyring.debian.org --recv DF98...BE9B

   gpg: /root/.gnupg/trustdb.gpg: trust.db created

gpg: key DA87E80D6294BE9B: public key "Debian CD signing key<debian-cd@lists.debian.org>" imported


   gpg: Total number processed: 1

   gpg: Imported: 1

gpg2 --verify SHA512SUMS.sign SHA512SUMS

   gpg: Signature made Sat 10 Oct 07:00:08 PM EDT

..........using RSA key DF9B9C49EAA9298432589D76DA87E80D6294BE9B

gpg: Good signature from "Debian CD signing key<debian-cd@lists.debian.org>" [unknown]


...gpg: WARNING: This key is not certified with a trusted signature!

......There is no indication that the signature belongs to the owner

...Primary key fingerprint: DF9B9C49EAA9298432589D76DA87E80D6294BE9B

gpg2 --verify SHA512SUMS.sign debian-11.5.0-amd64-netinst.iso

...gpg: Signature made Sat 10 Oct 07:00:08  PM EDT

...gpg:              using RSA DF9B9C49EAA9298432589D76DA87E80D6294BE9B

...gpg: BAD signature from "Debian CD signing key<debain-cd@lists.debian.org>" [unknown]














On 11/15/22 02:59, Henning Follmann wrote:

On Mon, Nov 14, 2022 at 05:17:25PM -0500, Thomas George wrote:

I am still trying to do a fully verified installation of debian-11.5.0.

gpg --verify SHA512SUMS.sign SHA512SUMS responded with DF98...BE9B

gpg --recv-keys DF98...BE9B responded key DF98...BE9B: new key but contains
no user ID - skipped.

Another source suggested gpg --key-server keyring.debian.org --recv-keys
long numeric key

but this responded invalid option --key-server

sorry that was a typo.
gpg --keyserver keyring.debian.org --recv-keys ...
would be correct.

The gpg man page is beyond me, I need help

Well,
gpg is very complex software now. And the man page tries to be
all-encompassing. So it seems daunting to look at the man pages.
But I still would encourage anybody to use the manpages to better
understand and use their tools.
Which the will also tell you that --keyserver is deprecated (even though it
still should work as intended for your use case). dirmanager these days is
responsible for managing key/certificate dependencies.

Good luck,

-H

Reply to:

Follow-Ups:
- Re: gpg says no user ID
  - From: Jeffrey Walton <noloader@gmail.com>
- Re: gpg says no user ID
  - From: "Thomas Schmitt" <scdbackup@gmx.net>

References:
- gpg says no user ID
  - From: Thomas George <debianlist@mailfence.com>
- Re: gpg says no user ID
  - From: Henning Follmann <hfollmann@itcfollmann.com>

Prev by Date: Re: blacklist mei_me?
Next by Date: Re: gpg says no user ID
Previous by thread: Re: gpg says no user ID
Next by thread: Re: gpg says no user ID
Index(es):
- Date
- Thread