" :signature packet: algo 1, keyid 00AAADA57778C8B1 version 4, created 1525702323, md5len 0, sigclass 0x13 digest algo 8, begin of digest 80 f8 hashed subpkt 2 len 4 (sig created 2018-05-07) hashed subpkt 27 len 1 (key flags: 2F) hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 3) hashed subpkt 21 len 4 (pref-hash-algos: 10 9 8 11) hashed subpkt 22 len 4 (pref-zip-algos: 2 3 1 0) hashed subpkt 30 len 1 (features: 01) hashed subpkt 23 len 1 (key server preferences: 80) subpkt 16 len 8 (issuer key ID 00AAADA57778C8B1) data: [4096 bits] :public sub key packet: version 4, algo 1, created 1525702323, expires 0
Hello, need help.
Have a problem with gpg keys for my private repo.
I need one key for all ubuntu repositories and hash algo >=sha256.
When publish projects in obs-server, they are signed with a key (example
key below). The key is the algorithm rsa (algo 1) and encryption sha256
(digest algo 8).
But when publish packages, hosts with OS ubuntu 16.04, warn that the key
has a sha1 cipher:
"Signature by key 167F971DD45E6807EF611BB1A18A8926E4050125 uses weak digest
algorithm (SHA1)"
The problem is solved if I create a separate key for the project.
osc signkey --create certbot
obs_admin --republish-repository certbot Ubuntu_16.04_standard
But I need one key for all the repositories. How can I solve this?
Created key example:
gpg2 --list-packets /srv/obs/obs-default-gpg.asc
:public key packet:
version 4, algo 1, created 1525702323, expires 0
pkey[0]: [4096 bits]
pkey[1]: [17 bits]
keyid: 00AAADA57778C8B1
:user ID packet: "private OBS (key without passphrase)