[SOLVED] Can't import Pierre Schmitz's 0x9741E8AC key

edke · 2012-01-20 09:08:04

Hello guys.

Moved to pacman 4, now able to receive and sign keys when needed. Today I was updating openssl package, but failed to fetch PGP key of Pierre Schmitz (0x9741E8AC).

Targets (1): openssl-1.0.0.g-1

Total Installed Size:   10.46 MiB
Net Upgrade Size:       0.00 MiB

Proceed with installation? [Y/n] Y
(1/1) checking package integrity                                           [##########################################] 100%
error: openssl: key "7F2D434B9741E8AC" is unknown
error: key "7F2D434B9741E8AC" could not be looked up remotely
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded.

So trying to fetch key from pgp servers:

$ sudo pacman-key --recv-keys 7F2D434B9741E8AC 
gpg: requesting key 9741E8AC from hkp server pgp.mit.edu
gpg: keyserver timed out
gpg: keyserver receive failed: keyserver error
==> Updating trust database...
gpg: no need for a trustdb check

Same from hkp://keys.gnupg.net or hkp://subkeys.pgp.net.

Any hints ?

Last edited by edke (2012-01-20 10:20:17)

karol · 2012-01-20 09:10:46

You can download the package and then install it with 'pacman -U openssl*'
'pacman -U ' doesn't check the signatures atm.

edke · 2012-01-20 09:12:21

karol wrote:

You can download the package and then install it with 'pacman -U openssl*'
'pacman -U ' doesn't check the signatures atm.

Nice workaround, but I'd love to know, what is the problem here. If that key is missing on servers or just they are overloaded now and can't handle my request for download ...

karol · 2012-01-20 09:17:21

There is a couple similar threads, like: https://bbs.archlinux.org/viewtopic.php?pid=1044059 and maybe https://bbs.archlinux.org/viewtopic.php?pid=1043056
You can try https://wiki.archlinux.org/index.php/Pa … leshooting

Last edited by karol (2012-01-20 10:01:35)

edke · 2012-01-20 10:20:04

I tried just now, nothing changed on my side and now pacman-key was able to import (and find) Pierre's key just fine.

Targets (1): openssl-1.0.0.g-1

Total Installed Size:   10.46 MiB
Net Upgrade Size:       0.00 MiB

Proceed with installation? [Y/n] Y
(1/1) checking package integrity                                           [##########################################] 100%
error: openssl: key "7F2D434B9741E8AC" is unknown
:: Import PGP key 9741E8AC, "Pierre Schmitz <pierre@archlinux.de>", created 2011-04-10? [Y/n] Y
(1/1) checking package integrity                                           [##########################################] 100%
error: openssl: signature from "Pierre Schmitz <pierre@archlinux.de>" is unknown trust
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Errors occurred, no packages were upgraded

Then able to sign package:

$ pacman-key --lsign-key 9741E8AC  
==> Updating trust database...
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:  13  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:  13  signed:   0  trust: 13-, 0q, 0n, 0m, 0f, 0u

and all works now as it should. It had to be something on pgp server's side ..

Thanks anyway.

Trilby · 2012-01-20 15:42:13

I had a similar problem when updating. I didn't even touch pacman-key or anything else - I just reattempted the update a few minutes later and it worked fine.

I also suspect this means it was a server-side issue.

Arch Linux

#1 2012-01-20 09:08:04

[SOLVED] Can't import Pierre Schmitz's 0x9741E8AC key

#2 2012-01-20 09:10:46

Re: [SOLVED] Can't import Pierre Schmitz's 0x9741E8AC key

#3 2012-01-20 09:12:21

Re: [SOLVED] Can't import Pierre Schmitz's 0x9741E8AC key

#4 2012-01-20 09:17:21

Re: [SOLVED] Can't import Pierre Schmitz's 0x9741E8AC key

#5 2012-01-20 10:20:04

Re: [SOLVED] Can't import Pierre Schmitz's 0x9741E8AC key

#6 2012-01-20 15:42:13

Re: [SOLVED] Can't import Pierre Schmitz's 0x9741E8AC key

Board footer