Join Log in
Score:0
FatRabbit avatar Ubuntu

gpg key mismatch when importing

bw flag
FatRabbit

I am trying to import a specific key from ubuntu key server and when I launch the gpg command for that, the received key ID does not match the one I passed as argument:

$ gpg --keyserver keyserver.ubuntu.com --recv-keys 54404762BBB6E853
gpg: key A48449044AAD5C5D: 4 signatures not checked due to missing keys
gpg: clef A48449044AAD5C5D : « Debian Security Archive Automatic Signing Key (11/bullseye) <[email protected]> » n'est pas modifiée
gpg:       Quantité totale traitée : 1
gpg:                 non modifiées : 1

I requested the: 54404762BBB6E853 but received A48449044AAD5C5D. Deleting and reimporting the key gives the same behavior

Edit: this behaviour is totally normal. A subkey is bound to his primary key. You will need to pass --with-subkey-fingerprints to apt-key in order to print its fingerprint. I did not notice the "sub" comming with "pub" entries. My bad.

77
1 + 1
muru avatar
us flag
muru
Please don't add "solved" to the title. Accepting an answer if it solved your problem is enough.
0
Reply
Score:3
Kristopher Ives avatar Ubuntu
in flag
Kristopher Ives

The key you are importing can be seen on the Ubuntu keyserver HTTP interface:

Here you can see that the key you're requesting is actually a subkey of the one you're getting:

uid Debian Security Archive Automatic Signing Key (11/bullseye) <[email protected]>
sig  sig  a48449044aad5c5d 2021-01-17T11:17:04Z 2029-01-15T11:17:04Z ____________________ [selfsig]
sig  sig  dc30d7c23cbbabee 2021-01-17T11:26:41Z ____________________ ____________________ dc30d7c23cbbabee
sig  sig  4dfab270caa96dfa 2021-01-17T11:27:03Z ____________________ ____________________ 4dfab270caa96dfa
sig  sig  73a4f27b8dd47936 2021-01-17T11:29:50Z ____________________ ____________________ 73a4f27b8dd47936
sig  sig  bc372252ca1cf964 2021-01-17T11:42:26Z ____________________ ____________________ bc372252ca1cf964
sig  sig  db16cf5bb12525c4 2021-01-17T12:51:55Z ____________________ ____________________ db16cf5bb12525c4

sub rsa4096/ed541312a33f1128f10b1c6c54404762bbb6e853 2021-01-17T11:17:04Z            
sig sbind a48449044aad5c5d 2021-01-17T11:17:04Z ____________________ 2029-01-15T11:17:04Z []

My understanding is that Debian does this so that one key can be used for signing while the other key can be kept offline.

0 + 2
FatRabbit avatar
bw flag
FatRabbit
We are running a local mirror of ubuntu and debian archives and the debian part is poping up many of the following error: NO_PUBKEY 54404762BBB6E853. What am is supposed to do if I cannot get the 54404762BBB6E853 ? is there any additional command I have to do?
0
Reply
FatRabbit avatar
bw flag
FatRabbit
where can I find the 54404762BBB6E853?
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.