You are not logged in.

#1 2017-02-23 22:04:14

Daerun
Member
Registered: 2011-02-07
Posts: 92

[SOLVED]Cannot verify cower pgp signature

I am trying to install cower, but just can't get the pgp signature veryfied. I've googled and made a search in the boards. This thread:

https://bbs.archlinux.org/viewtopic.php?id=191270

but nothing seems to work, not even what maintainer says in cower's AUR page, just don't know what else to do.

Last edited by Daerun (2017-02-24 20:06:07)

Offline

#2 2017-02-23 22:17:28

jasonwryan
Anarchist
From: .nz
Registered: 2009-05-09
Posts: 30,424
Website

Re: [SOLVED]Cannot verify cower pgp signature

Please describe exactly what you are doing to add the key. Paste output or error messages in code tags.


Arch + dwm   •   Mercurial repos  •   Surfraw

Registered Linux User #482438

Offline

#3 2017-02-24 09:46:25

Daerun
Member
Registered: 2011-02-07
Posts: 92

Re: [SOLVED]Cannot verify cower pgp signature

I did

gpg --recv-keys --keyserver hkp://pgp.mit.edu 1EB2638FF56C0C53

Apparently the key was added to my ring, because if a repeat that command I get

gpg --recv-keys --keyserver hkp://pgp.mit.edu 1EB2638FF56C0C53
gpg: key 1EB2638FF56C0C53: "Dave Reisner <d@falconindy.com>" not changed
gpg: Nombre total processat: 1
gpg:           no modificades: 1

But when I makepkg I still got the error

cower-16.tar.gz ... HA FALLAT
==> ERROR: Una o més signatures PGP no s'han pogut verificar!

Offline

#4 2017-02-24 11:06:39

Lone_Wolf
Member
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 11,868

Re: [SOLVED]Cannot verify cower pgp signature

please run LC_ALL=C makepkg and post the full output.


Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.


(A works at time B)  && (time C > time B ) ≠  (A works at time C)

Offline

#5 2017-02-24 12:11:30

Daerun
Member
Registered: 2011-02-07
Posts: 92

Re: [SOLVED]Cannot verify cower pgp signature

==> Making package: cower 16-1 (Fri Feb 24 13:10:57 CET 2017)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> Retrieving sources...
  -> Found cower-16.tar.gz
  -> Found cower-16.tar.gz.sig
==> Validating source files with md5sums...
    cower-16.tar.gz ... Passed
    cower-16.tar.gz.sig ... Skipped
==> Verifying source file signatures with gpg...
    cower-16.tar.gz ... FAILED
==> ERROR: One or more PGP signatures could not be verified!

Offline

#6 2017-02-24 13:34:24

Scimmia
Fellow
Registered: 2012-09-01
Posts: 11,466

Re: [SOLVED]Cannot verify cower pgp signature

You're running both of these as the same user, right?

Offline

#7 2017-02-24 16:14:37

Daerun
Member
Registered: 2011-02-07
Posts: 92

Re: [SOLVED]Cannot verify cower pgp signature

Yes, no sudo, just my regular user.

EDIT: aaalright, so apparently my trusted keys db was somehow corrupted, noticed it when I performed again "gpg --lsign 1EB2638FF56C0C53" (sorry, didn't remember to copy the error message that showed up). So I erased /home/[myuser]/.gnupg/trustdb.gpg and performed again

gpg --recv-keys --keyserver hkp://pgp.mit.edu 1EB2638FF56C0C53

gpg --lsign 1EB2638FF56C0C53

The db was created and populated again and now everything works properly.

Last edited by Daerun (2017-02-24 20:05:53)

Offline

Board footer

Powered by FluxBB