Gpg

如何成功將公鑰 94532124541922FB 導入 GPG?

  • March 28, 2019

我想我需要在我的鑰匙圈中有鑰匙 94532124541922FB ,因為 multistrap 正在報告:

W: GPG error: http://packages.roundr.devuan.org/merged ascii InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 94532124541922FB
W: The repository 'http://auto.mirror.devuan.org/merged ascii InRelease' is not signed.

我嘗試使用以下方法導入密鑰:

user@host:~/multistrap$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 94532124541922FB
Executing: /tmp/apt-key-gpghome.wsOOsj4iqi/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 94532124541922FB
key 94532124541922FB:
1 signature not checked due to a missing key
gpg: key 94532124541922FB: "Devuan Repository (Primary Devuan signing key) <repository@devuan.org>" 1 new signature
gpg: Total number processed: 1
gpg:         new signatures: 1

我不確定這是否成功,所以我嘗試了:

user@host:~/multistrap$ gpg --list-keys
/home/user/.gnupg/pubring.kbx
--------------------------------
pub   rsa3072 2019-03-25 [SC] [expires: 2021-03-24]
     579B175CD95705FB9A6C3D271587404115319AFF
uid           [ultimate] User <user@example.com>
sub   rsa3072 2019-03-25 [E] [expires: 2021-03-24]

這讓我覺得它失敗了。

如何獲得密鑰 94532124541922FB?


更新:我發現 apt-key 具有與 GPG 不同的密鑰環,並且 GPG 具有不同的密鑰環,具體取決於您使用的sudo.

關鍵在那裡,有apt-key

user@host:~/multistrap$ sudo apt-key adv --list-keys
Executing: /tmp/apt-key-gpghome.12skPKfRJz/gpg.1.sh --list-keys
/tmp/apt-key-gpghome.12skPKfRJz/pubring.gpg
-------------------------------------------
...
pub   rsa2048 2014-12-02 [SC]
     72E3CB773315DFA2E464743D94532124541922FB
uid           [ unknown] Devuan Repository (Primary Devuan signing key) <repository@devuan.org>
sub   rsa2048 2014-12-02 [E]
sub   rsa4096 2016-04-26 [S]

pub   rsa4096 2016-10-06 [SC]
     CF1921B2D91C6435848E810099C46A90B1FB3B59
uid           [ unknown] Devuan ISO Toaster (Devuan GNU+Linux) <onelove@devuan.org>
sub   rsa4096 2016-10-06 [E]

pub   rsa4096 2017-09-04 [SC] [expires: 2022-09-03]
     E032601B7CA10BC3EA53FA81BB23C00C61FC752C
uid           [ unknown] Devuan Repository (Amprolla3 on Nemesis) <repository@devuan.org>
sub   rsa4096 2017-09-04 [E] [expires: 2022-09-03]

但仍然多帶抱怨:

user@host:~/multistrap$ sudo multistrap -a armhf -d /multistrap-devuan-ascii -f simple-config
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
   LANGUAGE = (unset),
   LC_ALL = (unset),
   LANG = "en_GB.UTF-8"
   are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
multistrap 2.2.9 using simple-config
multistrap 2.2.9 using simple-config
Defaulting architecture to native: armhf
multistrap building armhf multistrap on 'armhf'
I: Downloading debian-archive-keyring 
Get:1 http://packages.roundr.devuan.org/merged ascii/main armhf debian-archive-keyring all 2017.5 [56.4 kB]
Fetched 56.4 kB in 0s (67.5 kB/s)           
Getting package lists: APT_CONFIG=/tmp/multistrap.QTx1QB apt-get  -o Apt::Architecture=armhf -o Dir::Etc::TrustedParts=/multistrap-devuan-ascii/etc/apt/trusted.gpg.d -o Dir::Etc::Trusted=/multistrap-devuan-ascii/etc/apt/trusted.gpg -o Apt::Get::Download-Only=true -o Apt::Install-Recommends=false -o Dir=/multistrap-devuan-ascii/ -o Dir::Etc=/multistrap-devuan-ascii/etc/apt/ -o Dir::Etc::Parts=/multistrap-devuan-ascii/etc/apt/apt.conf.d/ -o Dir::Etc::PreferencesParts=/multistrap-devuan-ascii/etc/apt/preferences.d/ -o APT::Default-Release='*' -o Dir::State=/multistrap-devuan-ascii/var/lib/apt/ -o Dir::State::Status=/multistrap-devuan-ascii/var/lib/dpkg/status -o Dir::Cache=/multistrap-devuan-ascii/var/cache/apt/ update
Get:1 http://packages.roundr.devuan.org/merged ascii InRelease [21.9 kB]
Ign:1 http://packages.roundr.devuan.org/merged ascii InRelease
Fetched 21.9 kB in 0s (34.5 kB/s)
Reading package lists... Done
W: GPG error: http://packages.roundr.devuan.org/merged ascii InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 94532124541922FB
W: The repository 'http://auto.mirror.devuan.org/merged ascii InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

問題是 multistrap 只信任/multistrap-devuan-ascii/etc/apt/trusted.gpg.d目標目錄中的密鑰。

當多重打包 Debian 時,這個目錄充滿了從debian-archive-keyring包中提取的文件。

此包在 simple-config 中指定為密鑰環:

[General]
unpack=true
bootstrap=Debian
aptsources=Debian

[Debian]
packages=
source=http://ftp.uk.debian.org/debian
keyring=debian-archive-keyring
suite=lenny

當我安裝 Devuan(一個無系統的 Debian 分支)時,我simple-config看起來像:

[General]
unpack=true
bootstrap=Devuan
aptsources=Devuan

[Devuan]
packages=
source=http://auto.mirror.devuan.org/merged
keyring=
suite=ascii

Devuan 中確實存在該debian-archive-keyring軟體包,但只有 Debian 密鑰,沒有失去的 Devuan 密鑰。沒有devuan-archive-keyring

所以看起來我需要製作一個devuan-archive-keyring包含 Devuan 公鑰的包。

(我已經確認這會起作用,方法是在失敗的 multistrap 執行之後放置。repository-devuan-org.gpg/multistrap-devuan-ascii/etc/apt/trusted.gpg.d/第二次呼叫 multistrap 然後執行沒有錯誤。)


後續問題:Debian debian-archive-keyring 軟體包的 Devuan 等價物是什麼?

引用自:https://serverfault.com/questions/960268