You are not logged in.

#1 2022-01-10 11:10:37

arx
Member
From: 2730ft above sea level
Registered: 2016-04-30
Posts: 46

[SOLVED] gpg key for archlinux-keyring failing to fetch

Greetings and long time no see.

I have arch installed on a box and it's been offline for ~3 years while I was out of the country.

I started it up today and took a nice fresh breath of air -- and then I went to install some package and discovered that the `archlinux-keyring` needed to be updated. After the keyring file is fetched, it fails on the signature validation:

pacman -Syu
:: Synchronizing package databases...
 core is up to date
 extra is up to date
 community is up to date
 multilib is up to date
:: Some packages should be upgraded first...
resolving dependencies...
looking for conflicting packages...

Package (1)             Old Version  New Version  Net Change

core/archlinux-keyring  20190123-2   20211028-1     0.42 MiB

Total Installed Size:  1.36 MiB
Net Upgrade Size:      0.42 MiB

:: Proceed with installation? [Y/n] 
(1/1) checking keys in keyring                                            [##########################################] 100%
downloading required keys...
error: key "6D42BDD116E0068F" could not be looked up remotely
error: required key missing from keyring
error: failed to commit transaction (unexpected error)
Errors occurred, no packages were upgraded.

:: Starting full system upgrade...
:: Replace bind-tools with extra/bind? [Y/n]

Letting the `-Syu` complete the 3gb download results in the same `6D42BDD116E0068F` key not found/added error.

That `6D42BDD116E0068F` key appears to no longer be valid. I've already tried fetching it manually with no luck.

I've tried every single `pacman-keys` and `gpg` command, including flushing both `/root/gnupg` and `etc/paman.d/gnupg` ad infinitum as well as every other recommendation from this forum and other sites. Every other thread that has a similar issue is resolved by things that do not work for me since the key I'm trying to fetch is old/expired and no longer served/provided -- or when someone replies to the thread they're told to stop replying to a closed thread.

Does anybody know how I can get past this key blocking me? Maybe someone can send me that key securely so I can add it in myself.

The keyserver fetch fails:

pacman-key --keyserver hkp://pool.sks-keyservers.net --refresh-keys
gpg: refreshing 137 keys from hkp://pool.sks-keyservers.net
gpg: keyserver refresh failed: Server indicated a failure
==> ERROR: A specified local key could not be updated from a keyserver.

I've tried hkp and hkps, and tried every server I could find from mit, and other hackerly looking ones. Nothing seems to allow me to fetch that `6D42BDD116E0068F` key and I'm stuck 3 years in the past.

Thanks and best.

Last edited by arx (2022-01-10 16:03:58)

Offline

#2 2022-01-10 12:47:10

mpan
Member
Registered: 2012-08-01
Posts: 1,188
Website

Re: [SOLVED] gpg key for archlinux-keyring failing to fetch

If it was unused for 3 years, your best bet is to make a fresh installation. Otherwise it will be a painstaking process of replaying step by step updates from ALA, possibly with software that has been replaced a long time ago, accepting packages with long expired signatures. And all that may still end in a failure.

If you really want to continue through that horror: sks-keyservers is dead for a year or so. MIT is malfunctioning for so long I can’t even tell since when exactly. The currently used keyserver is <hkp://keyserver.ubuntu.com>. The keyring may need a fresh initialization anyway.


Sometimes I seem a bit harsh — don’t get offended too easily!

Offline

#3 2022-01-10 13:35:06

arx
Member
From: 2730ft above sea level
Registered: 2016-04-30
Posts: 46

Re: [SOLVED] gpg key for archlinux-keyring failing to fetch

Thanks mpan, I just followed this section: https://wiki.archlinux.org/title/Pacman … mport_keys

It also suggests trying the ubuntu sks server, but I get the same issue from there.

I also cloned down archlinux-keyring and ran `make dist`, signed with my key -- but I am having issues adding my gpg key to pacman.

Last edited by arx (2022-01-10 13:41:13)

Offline

#4 2022-01-10 13:38:30

arx
Member
From: 2730ft above sea level
Registered: 2016-04-30
Posts: 46

Re: [SOLVED] gpg key for archlinux-keyring failing to fetch

sudo pacman-key --refresh-keys
gpg: refreshing 137 keys from hkp://keyserver.ubuntu.com
gpg: keyserver refresh failed: Server indicated a failure
==> ERROR: A specified local key could not be updated from a keyserver.

It's things like this that are so irritating w/ arch big_smile

Offline

#5 2022-01-10 13:52:48

arx
Member
From: 2730ft above sea level
Registered: 2016-04-30
Posts: 46

Re: [SOLVED] gpg key for archlinux-keyring failing to fetch

I've gotten past the sks bad key issue, by following this:
https://forum.manjaro.org/t/cant-update … ng/72390/5

Next steps:
1. let -Syyu complete
2. undo that sks server url (set back to ubuntu)
3. flush and repull keys.

Fingers crossed. I'm fine manually fixing dependencies btw, will update this thread later when/if the upgrade completes entirely.

Offline

#6 2022-01-10 14:25:47

Slithery
Administrator
From: Norfolk, UK
Registered: 2013-12-01
Posts: 5,776

Re: [SOLVED] gpg key for archlinux-keyring failing to fetch

Make sure you read any relevant news items from the last few years, for example...
https://archlinux.org/news/moving-to-zs … kinitcpio/

IIRC there are other upgrade blockers in the news feed.


No, it didn't "fix" anything. It just shifted the brokeness one space to the right. - jasonwryan
Closing -- for deletion; Banning -- for muppetry. - jasonwryan

aur - dotfiles

Offline

#7 2022-01-10 15:18:04

arx
Member
From: 2730ft above sea level
Registered: 2016-04-30
Posts: 46

Re: [SOLVED] gpg key for archlinux-keyring failing to fetch

Thanks Slithery, I'm familiar with that change because I have a laptop I was running arch on the whole time as well big_smile I appreciate the reminder though!

Offline

#8 2022-01-10 16:03:33

arx
Member
From: 2730ft above sea level
Registered: 2016-04-30
Posts: 46

Re: [SOLVED] gpg key for archlinux-keyring failing to fetch

All green:

pacman -Syu
:: Synchronizing package databases...
 core is up to date
 extra is up to date
 community is up to date
 multilib is up to date
:: Starting full system upgrade...
 there is nothing to do

Thanks for the pointers, frens

Offline

Board footer

Powered by FluxBB