Hello!, This is the first time for me consuming Ubuntu repositories from OBS. I've rebuilt a Ubuntu 23.04 package for Ubuntu 22.04, added the repository according OBS indications but I'm struggling with GPG signature validation. Client setup: --- sudo sh -c 'echo "deb http://download.opensuse.org/repositories/home:/ciriarte:/apstra-4.2.0-fix/x... /" | sudo tee /etc/apt/sources.list.d/home:ciriarte:apstra-4.2.0-fix.list' sudo sh -c 'curl -fsSL https://download.opensuse.org/repositories/home:ciriarte:apstra-4.2.0-fix/xU... | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/home_ciriarte_apstra-4.2.0-fix.gpg > /dev/null' sudo chmod a+r /etc/apt/trusted.gpg.d/home_ciriarte_apstra-4.2.0-fix.gpg sudo chmod a+r /etc/apt/sources.list.d/home:ciriarte:apstra-4.2.0-fix.list sudo apt update --- Error I'm getting: --- Err:5 http://download.opensuse.org/repositories/home:/ciriarte:/apstra-4.2.0-fix/x... InRelease The following signatures were invalid: 8FE63E73E027DE951D5EAFDBA6F3579ABB33D482 Reading package lists... Done W: GPG error: http://download.opensuse.org/repositories/home:/ciriarte:/apstra-4.2.0-fix/x... InRelease: The following signatures were invalid: 8FE63E73E027DE951D5EAFDBA6F3579ABB33D482 E: The repository 'http://download.opensuse.org/repositories/home:/ciriarte:/apstra-4.2.0-fix/x... InRelease' is not signed. --- GPG file seems to be in the correct location: --- admin@apstra-os-03:~$ sudo apt-key list [sudo] password for admin: Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)). /etc/apt/trusted.gpg -------------------- pub rsa1024 2009-01-26 [SC] 3AE6 3EC8 2014 45CB 55E6 B1EE DCCB 2270 E771 6B13 uid [ unknown] Launchpad PPA for Stéphane Graber pub rsa4096 2017-02-22 [SCEA] 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88 uid [ unknown] Docker Release (CE deb) <docker@docker.com> sub rsa4096 2017-02-22 [S] /etc/apt/trusted.gpg.d/home_ciriarte_apstra-4.2.0-fix.gpg --------------------------------------------------------- pub dsa1024 2008-01-22 [SC] [expires: 2025-12-13] 8FE6 3E73 E027 DE95 1D5E AFDB A6F3 579A BB33 D482 uid [ unknown] home:ciriarte OBS Project <home:ciriarte@build.opensuse.org> /etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg ------------------------------------------------------ pub rsa4096 2012-05-11 [SC] 8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092 uid [ unknown] Ubuntu CD Image Automatic Signing Key (2012) <cdimage@ubuntu.com> /etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg ------------------------------------------------------ pub rsa4096 2018-09-17 [SC] F6EC B376 2474 EDA9 D21B 7022 8719 20D1 991B C93C uid [ unknown] Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com> --- Can anybody spot something wrong here? Regards, Cyrus.-
Hello!, After a long troubleshooting, all I can think of is that the repo is using dsa1024. I would like to change it to rsa4096 but I can't find how to do it in the OBS documentation. Any pointers? Regards, CI.- El vie, 6 oct 2023 a las 16:32, Cyrus (<cyruspy@gmail.com>) escribió:
-- Ciro Iriarte http://iriarte.it --
For posterity: https://iriarte.it/homelab/2023/10/07/deprecated-gpg-key-in-openbuild-servic... Regards, CI.- El vie, 6 oct 2023 a las 20:29, Cyrus (<cyruspy@gmail.com>) escribió:
-- Ciro Iriarte http://iriarte.it --
On Samstag, 7. Oktober 2023, 01:29:51 CEST Cyrus wrote:
you need to create a new project key osc signkey --create $project
-- Adrian Schroeter <adrian@suse.de> Build Infrastructure Project Manager SUSE Software Solutions Germany GmbH, Frankenstraße 146, 90461 Nürnberg, Germany (HRB 36809, AG Nürnberg) Geschäftsführer: Ivo Totev
participants (2)
-
Adrian Schröter -
Cyrus