Expired GPG Key ?

Forum Forums antiX-development Development Expired GPG Key ?

  • This topic has 91 replies, 24 voices, and was last updated May 15-2:52 pm by lazy_frozen.
Viewing 15 posts - 1 through 15 (of 92 total)
  • Author
    Posts
  • #140341
    Member
    techore

      Anyone else experience issues with obtaining updates?

      The problem may be on my end but it was working a few hours ago. Verified I have the correct time.. checking again, yes, correct date and time.

      repo: http://la.mxrepo.com/antix/bookworm InRelease
      EXPKEYSIG DB36CDF3452F0C20

      See the attached for screenshot.

      #140343
      Member
      fantasIA05

        I just ran a “sudo apt update” after seeing this post and the same thing appears.

        #140345
        Member
        techore

          @fantasia05, thank you!

          I was confident, mostly, the problem was an expired gpg key, but I was not 100% certain.

          Rotten timing for I was spinning up a build, but it is an excuse to play a game or bug my spouse. 😀

          #140348
          Member
          afghan

            Same problem here since several hours ago. It’s funny that the key’s expiry is set to 2027, but it seems like it’s expired now.

            I think this kind of thing happened before some years ago.

            Beware of people who knows nothing; they are the ones that won't know that they know nothing.

            #140355
            Moderator
            caprea

              I saw the same here. The /etc/apt/sources.list.d/antix.list is looking for

              # Use with Debian Bookworm repositories. 
              deb [signed-by=/etc/apt/keyrings/antix-archive-keyring.gpg] http://ftp.halifax.rwth-aachen.de/mxlinux/packages/antix/bookworm bookworm main nonfree nosystemd  

              [signed-by=/etc/apt/keyrings/antix-archive-keyring.gpg]

              but the new key was downloaded and installed to /etc/apt/trusted.gpg.d/antix-archive-keyring.gpg some days ago.

              I solved it here with

              sudo cp '/etc/apt/trusted.gpg.d/antix-archive-keyring.gpg' '/etc/apt/keyrings/antix-archive-keyring.gpg' 
              

              but there might comes another solution, so maybe wait.
              `

              #140357
              Member
              afghan

                EXPKEYSIG DB36CDF3452F0C20 antiX Linux repo <repo@antixlinux.com>

                I’m not sure what’s going on. It seems it’s the key signature associated with repo@antixlinux.com that is the problem.

                It’s not a big issue. I’ll just wait for it to be corrected.

                Beware of people who knows nothing; they are the ones that won't know that they know nothing.

                #140366
                Member
                abc-nix

                  EDIT: Ignore the following

                  If you remove the
                  [signed-by=/etc/apt/keyrings/antix-archive-keyring.gpg]
                  text from /etc/apt/sources.list.d/antix.list should work. I don’t have this on my antiX system and the antiX sources work properly for me.

                  • This reply was modified 1 month ago by abc-nix. Reason: warning
                  #140372
                  Forum Admin
                  anticapitalista

                    Quick fix as Caprea posts

                    sudo cp '/etc/apt/trusted.gpg.d/antix-archive-keyring.gpg' '/etc/apt/keyrings/antix-archive-keyring.gpg'

                    Philosophers have interpreted the world in many ways; the point is to change it.

                    antiX with runit - leaner and meaner.

                    #140377
                    Member
                    mattt429

                      Thanks, i used the fix

                      sudo cp '/etc/apt/trusted.gpg.d/antix-archive-keyring.gpg' '/etc/apt/keyrings/antix-archive-keyring.gpg'

                      which also fixed the same issue this morning.

                      #140397
                      Member
                      techore

                        @anticapitalista, I see the updated package but it did not remove the key in apt/trusted. Delete it? No real harm, I suppose, with both.

                        and thank you.

                        #140403
                        Member
                        CanToo

                          I’m having this issue with antiX-23.1_i386_init-diversity-edition_UNOFFICIAL_20240302.iso. The above suggestions fixed the problem for the InRelease sources. But the deb-s6-rc-66-init-experimental.duckdns.org is still refusing to connect. Any suggestions? Are the packages available somewhere else?

                          #140472
                          Member
                          seriousness

                            I also think we should get rid of the unnecessary /etc/apt/trusted.gpg.d/antix-archive-keyring.gpg to prevent confusion.

                            #140508
                            Member
                            olsztyn

                              f you remove the
                              [signed-by=/etc/apt/keyrings/antix-archive-keyring.gpg]
                              text from /etc/apt/sources.list.d/antix.list should work. I don’t have this on my antiX system and the antiX sources work properly for me.

                              Thank You @abc-nix! Greatly appreciated…
                              I understand this fixes this recurring nuisance for good…
                              Best regards.

                              Live antiX Boot Options (Previously posted by Xecure):
                              http://antixlinuxfan.miraheze.org/wiki/Table_of_antiX_Boot_Parameters

                              #140509
                              Forum Admin
                              anticapitalista

                                f you remove the
                                [signed-by=/etc/apt/keyrings/antix-archive-keyring.gpg]
                                text from /etc/apt/sources.list.d/antix.list should work. I don’t have this on my antiX system and the antiX sources work properly for me.

                                Thank You @abc-nix! Greatly appreciated…
                                I understand this fixes this recurring nuisance for good…
                                Best regards.

                                Not really since any update to the apt repo from apt-antiX in bookworm, testing and sid uses [signed-by=/etc/apt/keyrings/antix-archive-keyring.gpg] in the deb line.
                                This is supposed to be more secure according to Debian and apt and /etc/apt/trusted.gpg.d/antix-archive-keyring.gpg is deprecated.

                                /etc/apt/trusted.gpg.d/antix-archive-keyring.gpg does not need to be removed. In fact it s needed for those running pre antiX-23 versions

                                Philosophers have interpreted the world in many ways; the point is to change it.

                                antiX with runit - leaner and meaner.

                                #140524
                                Member
                                techore

                                  This is supposed to be more secure according to Debian and apt and /etc/apt/trusted.gpg.d/antix-archive-keyring.gpg is deprecated.

                                  Correct!

                                  I did research on this six months ago or so.

                                  Placing keys in trusted.gpg.d permits the use of keys outside of their intended context. @anticapitalista, as such, shouldn’t the key be removed from trusted.gpg.d for antiX 23+ and newer versions?

                                Viewing 15 posts - 1 through 15 (of 92 total)
                                • You must be logged in to reply to this topic.