Mailinglist Archive: opensuse-buildservice (170 mails)

< Previous Next >
RE: [opensuse-buildservice] Expired OBS Keys?
----------------------------------------
Date: Tue, 2 Jul 2013 15:33:40 +0200
From: meissner@xxxxxxx
To: kingthorin@xxxxxxxxxxx
CC: opensuse-buildservice@xxxxxxxxxxxx
Subject: Re: [opensuse-buildservice] Expired OBS Keys?

On Tue, Jul 02, 2013 at 08:12:23AM -0400, King Thorin wrote:


From: kingthorin@xxxxxxxxxxx
To: meissner@xxxxxxx
CC: opensuse-buildservice@xxxxxxxxxxxx
Subject: RE: [opensuse-buildservice] Expired OBS Keys?
Date: Tue, 26 Apr 2011 08:36:14 -0400




----------------------------------------
Date: Thu, 21 Apr 2011 09:19:39 +0200
From: meissner@xxxxxxx
To: kingthorin@xxxxxxxxxxx
CC: crrodriguez@xxxxxxxxxxxx; opensuse-buildservice@xxxxxxxxxxxx
Subject: Re: [opensuse-buildservice] Expired OBS Keys?

On Wed, Apr 20, 2011 at 03:28:29PM -0400, King Thorin wrote:



----------------------------------------
Date: Wed, 20 Apr 2011 16:12:26 -0300
From: crrodriguez@xxxxxxxxxxxx
To: opensuse-buildservice@xxxxxxxxxxxx
Subject: Re: [opensuse-buildservice] Expired OBS Keys?

El 20/04/11 16:10, King Thorin escribió:

It seems the OBS Security key (keyid 79EAFD54) on keys.gnupg.net has
expired (2011-Apr-2). Would it be possible for someone to update it?

I know an updated key has been generated (which expires 2013) as it can
be found here:
http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_10.04/Release.key


osc signkey --extend
--

Hey Chris, thanks for the speedy reply. Sadly that means absolutely
nothing to me.

I'm guessing some maintainer somewhere has already done what you're
suggesting as mentioned the Release.key is set to expire in 2013. However
I don't think that results in an update to keys.gnupg.net (though I could
totally be wrong).

I uploaded the extended key to the keyservers.

Ciao, Marcus
--

Thanks Marcus, I've verified that it's been updated:

user@laptop:~$ sudo apt-key remove 79EAFD54
OK

user@laptop:~$ sudo apt-key adv --keyserver hkp://keys.gnupg.net
--recv-keys BED1E87979EAFD54
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring
--secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg
--keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg
--keyserver hkp://keys.gnupg.net --recv-keys BED1E87979EAFD54
gpg: requesting key 79EAFD54 from hkp server keys.gnupg.net
gpg: key 79EAFD54: public key "security OBS Project
<security@xxxxxxxxxxxxxxxxxx>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1

user@laptop:~$ sudo apt-key list
/etc/apt/trusted.gpg
--------------------
.
.
.
pub 1024D/79EAFD54 2009-01-22 [expires: 2013-06-16]
uid security OBS Project <security@xxxxxxxxxxxxxxxxxx>
--


This key has expired again:

sudo apt-key list
/etc/apt/trusted.gpg
--------------------

pub 1024D/79EAFD54 2009-01-22 [expired: 2013-06-28]
uid security OBS Project <security@xxxxxxxxxxxxxxxxxx>

it is auto-extended these days, just one of the packages in the repository
you look at
will need to be rebuild.

Which distribution repository of "security" do you use?

Ciao, Marcus

Hi Marcus, I use the OSB repo for OpenVAS installs. Currently specifically
http://download.opensuse.org/repositories/security:/OpenVAS:/STABLE:/v4/xUbuntu_10.04/

Let me know if there are any other details I can provide.
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups
References