[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Package Key Mismatch
On Tue, May 26, 2020 at 11:18:28AM +0100, Andrew wrote:
> Had an update failure with the message
Thanks for checking!
> (2) andrew@andrew Downloads $ wget
> --2020-05-26 10:59:43-- https://pkg.tarsnap.com/tarsnap-deb-packaging-key.asc
> Connecting to 127.0.0.1:8118... connected.
> Proxy request sent, awaiting response... 200 OK
> Length: 1810 (1.8K) [application/pgp-signature]
> Saving to: ‘tarsnap-deb-packaging-key.asc.1’
Look carefully: that file is saved with a .1 at the end of it...
> (2) andrew@andrew Downloads $ gpg --list-packets tarsnap-deb-packaging-key.asc | grep signature
> :signature packet: algo 1, keyid 70BD6C50E82A9D99
> :signature packet: algo 17, keyid 38CECA690C6A6A6E
... but here, you're checking a file that does *not* have a .1 at the end.
I'm guessing this was the file you downloaded in 2019? (that matches the
-2019 key on my computer, at least.)
I'm wondering if I should change the docs to point to the year-based keys,
instead of the generic filenames. The downside is that if anybody quotes the
docs (say, in an email), then the instructions would cease the be
copy&pasteable... but maybe the "2019" vs. "2020" would be a clear enough
thing to change? I'll have to think about it some more.
- Graham Percival