Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gpg key used to sign aptly releases has expired (2018 edition) #717

Closed
madwort opened this issue Mar 15, 2018 · 9 comments · Fixed by #719
Closed

gpg key used to sign aptly releases has expired (2018 edition) #717

madwort opened this issue Mar 15, 2018 · 9 comments · Fixed by #719
Labels
bug

Comments

@madwort
Copy link

madwort commented Mar 15, 2018

Detailed Description

The key used to sign the repo expired today

apt-key list | grep -A2 9C7DE460
pub   2048R/9C7DE460 2016-03-15 [expired: 2018-03-15]
uid                  Andrey Smirnov <me@smira.ru>

Context

This means that I cannot use the repo:

W: GPG error: http://repo.aptly.info squeeze InRelease: The following signatures were invalid: KEYEXPIRED 1521105187  KEYEXPIRED 1521105187  KEYEXPIRED 1521105187
@madwort
Copy link
Author

madwort commented Mar 15, 2018

see also https://github.com/smira/aptly/issues/364

@jasaltvik jasaltvik mentioned this issue Mar 15, 2018
Closed
@emopinata
Copy link

@smira any idea when we can expect this to be resolved?

@smira
Copy link
Contributor

smira commented Mar 15, 2018

🤦‍♂️ give me a few to fix it

@smira smira mentioned this issue Mar 15, 2018
Closed
smira referenced this issue in smira/aptly-dev.github.io Mar 15, 2018
@smira
Add new repo signing key
f01c504 
Fixes https://github.com/smira/aptly/issues/717
@smira smira mentioned this issue Mar 15, 2018
Merged
@smira
Copy link
Contributor

smira commented Mar 15, 2018

Repos signed with new key, website updated (it might take a few for the CDN to pick up the change).

New key:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFqq5noBEADD5vEO+RfaGCDpvtFKP4piVF0niHJ4nI52UvCLYa2Yn6dpiUCk
JVa+JL+XbO13nM4tmkzkNKQE1kvisxw3Q6+AZTol849EJqLSTRgxcda5ND4Lakiv
m46FwqQoVcKtcfkPm4uo4SYvaNH4bGPJzqpM5etfhCLmT+6xXA6Ke7PeYk61lh7d
IWxjUJFaljm6+SuElOhYlLFsh/XLx+PemEnoR3jsRTeysoieICfod5X+CEK6JxfZ
9oR5Xl4RS7b7BTUVnOaWYCVOWYvg3/cYdqsdM34thZI474feaNmMgOMULc87HqbK
DwpYTzS1LLcEK1M3qqxk5KdG7vmydhOTI+xSiSLDD3HOsJ+Hy2f9kbFLZ+EpS9z6
3rVTOROEMkjYxYJ2JwmlFZVGm17CNfEYUM/I0fSkH4c1NoJw0od9M+y1XZM/JV1I
MqnQO75ZWNU+Nta53Lo4dr2Un37FRBaa2RWh/deLOOkzd8uUiA51EKcJj+cEMf2U
FQZ+OZLA4N4PJux68dL6OyN4AOrITCP15ORKgTuj0ttweq0SswfSGVilB+H32sby
ctz8gEmM2FWpo78lja2MN5O6/9v3Nb1kRjCQPqyEyptg5ns3qzUqIumQvasOwqEs
GyEBOrB2M2+a2eLhDDcPHdvxhzMYOqvHm1FHeFI6Wqf9kQx73eknmPN1sQARAQAB
tBxBbmRyZXkgU21pcm5vdiA8bWVAc21pcmEucnU+iQI+BBMBAgAoBQJaquZ6AhsD
BQkDwmcABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDtdbWkSD2gfCEGD/91
U6fnzxyUB3+b+9gh7ODMJUcFU25MZOL6GKykerUcb40uR/u8L7P/BJGXtqdwwxEE
jhm4ML732xOgImYa/pkI/B0kUaH3wtzJeAK/owkA8xDmTFoOa47Th7cr0waOke9W
5PR1X4mCFaj0y7wfKwut/MTooLp8GGNftJlChj/fZIusaFcZVZ/7jmeBvAS3wjrW
vnepRao1MQSzwEk9VQqG6FsyYG8RoBCqCx1on1JWDGMuvwqbbfJvbIO5FzoRmmR3
0+Ryin0pVRUQD1PgqA534TwshNfxp6qJbv+/rbofOJCfD9ZS0qXmkuTxy8VrS+xK
P2vfqmc+xHB/TzNYVwVYFwh2rWf9b+pBxLVC1kwHvumnZgkCMZBkdSF3jw1tsivG
CqfeEUQaVUlDnxoiMfIChVPtN6RupCkuHLDA5SwdPYIwvwiQwAZHkkoTIXx1urQr
SPTIfYHo2xPgu/DMvVbdaOz04wCXH+ydDvVrKb8x3p4+dorNMnoSs97OUWndDuJa
11cdZz6hQgFIuquWR++lXS8/dcCDBjSxrsSXqhTXmVrAoq2K0cRpm/hvrU6UNxzN
w9uxtOZ2rkl1v0vLZ3n7XWLZjIK03Jj8Mayf30CTktKyvPr1Fwg4G5TM0i1MJJva
flxqBVVse9cwdN/YBJxSIseMB0T5iVJoKypfzfo2sbkCDQRaquZ6ARAAwRl7P4h+
l2Soh3Eg3LvLJyHGc4KEAh7qRcxg3cFzDfk1q9f138I6z9qgpUGvYyec/O14pNgU
8bXiiR4S+lvDmgDm6ImDRzCsYv0dJiyF5QQgfTI2mqG8b7UfQc8l6Htt3xkYkdkB
m+3DwpcY7UlgwqESulJNTGjBztlrP2LeaHHALTDEfvCPEjFMPYiaStMfaamTOnJA
dUA6bTlLxZkmc8p+3/8m0EOxQgiIsXWJOfnfSrUfrxR56utHpFmAB5uTgyl51sRl
mofzGBp8NMQqPXoXh2RntgxslmTAH/mKlB1Ma2XQn5wJaD5NAbVIwemAyi3km/EH
M2Zlb8Tw28so8eWMODuXAwstBuCY5917SWOugrJn9G3lylGsRcJQ7/CP114dNdun
v3y22y3ZrzM03+cQqJl7ZQjUijS/jyiLKYlvQ90byQ4nShNyiN0zcRP+uu9JzIZr
RBJzVBkbIx2BcCl195DYnnQNAzLmW9vbTZl0h3zUQNCwqsQ7zfUQVTXe3T6ApCmr
JQI4ValYL7NxtF1duEYSRAsQfhjUxnPBmcHyZzB1nHZXzqg5DwJ257F0fa1iP63w
ZQegrAGKcMssi/HzcXjEqQLQZmrT8mwHfIAJDU4+d8wmCg9kAQniN/tzPaWEmbk2
887cBfR9fQNxrNNu9j/n1xWQowvVDP+FyiEAEQEAAYkCJQQYAQIADwUCWqrmegIb
DAUJA8JnAAAKCRDtdbWkSD2gfKFjD/9qCPNvT5N9ISAemzIAFVtigLAaA+QYgS38
wT4E6NkXuon/cdbJKIfaC6IiGdTLo5MwCFfZ01ZMVWF3EPz0XNmfxy3IQXBfd4Ru
A8sx8M0skXY4jYNLQymGePTJ3KYhRO5scC0MQjDrqIB9dnIR1sh8AJYoWUBmrkIw
jwxktVtSc97MKESRoWM9srvGiICCZqspKhovWJMEKAHf/ahxKa5iyrBasHljDwP7
FNnbba+xx3d8FNo3Xs6eVzDqXcQqgMuY/rUxPzDpcKi0KnrAK0k3HzM5z5Mjdd28
NCSM0u5FtkjFTxmpJgA9CzCzvXsvkEOlgCJ1ZFYe45C3S4X+NgPNpScZv/1A5dv4
M3AdP9d5s9u8C3Bn7G3VAZp5DH40SmVF71IZCMRG8XWf1GcjGcEgaX5ebtaiVAh8
RQFf0Hb9abDFF3txzFxINAM+W/ubSPSg5TxPSixVw+aTy79tLsfgXL9YiWRRTkfu
HvpNtogylDFf9p3BY4QLybUWp05XGpd0JIgs7yVkYZsOvYycymuGFcrZBaM1E9+e
xnwec2zdVAGv/4Ld8rnXNHQt11S4uwWJfU+0HLL0aXvinW4Eu1095+5jhiWzW/Nq
QjP7CvP+lh0uWI2cBLmrhBY5sua4qISXO6NpKerY6gbtvdIoG/0EoOKn2m1q69dv
UILGDNG5JA==
=uEdu
-----END PGP PUBLIC KEY BLOCK-----

Info:

pub   4096R/ED75B5A4483DA07C 2018-03-15 [expires: 2020-03-14]
uid                          Andrey Smirnov <me@smira.ru>

@smira
Copy link
Contributor

smira commented Mar 15, 2018

Or via keyserver:

# apt-key adv --keyserver pool.sks-keyservers.net --recv-keys ED75B5A4483DA07C
Executing: /tmp/tmp.m1Hw1EtHNb/gpg.1.sh --keyserver
pool.sks-keyservers.net
--recv-keys
ED75B5A4483DA07C
gpg: requesting key 483DA07C from hkp server pool.sks-keyservers.net
gpg: key 483DA07C: "Andrey Smirnov <me@smira.ru>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

This was referenced Mar 15, 2018
Merged
Closed
@madwort
Copy link
Author

madwort commented Mar 16, 2018

Thanks @smira !

@hsitter hsitter mentioned this issue Mar 19, 2018
Closed
rtrinque referenced this issue in alphagov/puppet-aptly Apr 11, 2018
@rtrinque
New gpg key
dc43739 
  As per https://github.com/smira/aptly/issues/717 , the previous gpg key has expired
This was referenced Apr 11, 2018
Closed
Merged
rtrinque referenced this issue in alphagov/puppet-aptly Apr 11, 2018
@rtrinque
New gpg key
b7490ee 
  As per https://github.com/smira/aptly/issues/717 , the previous gpg key has expired
@rtrinque rtrinque mentioned this issue Apr 11, 2018
Merged
rtrinque referenced this issue in alphagov/puppet-aptly Apr 12, 2018
@rtrinque
New gpg key
1439197 
  As per https://github.com/smira/aptly/issues/717 , the previous gpg key has expired
@johnwarburton
Copy link

Hello - thanks for this

Can you please release this as a new version to the forge?

@smira
Copy link
Contributor

smira commented May 7, 2018

@johnwarburton what exactly should be released?

@johnwarburton
Copy link

Apologies @smira - I meant to post this request to the https://github.com/gds-operations/puppet-aptly project. Please ignore me

BTW - thanks for such a great tool - reproducible builds!

stsnel added a commit to thehyve/puppet-aptly that referenced this issue May 16, 2018
@stsnel
update expired repository key
40815c6 
Source: aptly-dev/aptly#717
stsnel added a commit to thehyve/puppet-aptly that referenced this issue May 16, 2018
@stsnel
update expired repository key
221f29e 
Source: aptly-dev/aptly#717
stsnel added a commit to thehyve/puppet-aptly that referenced this issue May 16, 2018
@stsnel
update expired repository key
5c794d1 
Source: aptly-dev/aptly#717
@protenhan protenhan mentioned this issue Mar 16, 2020
Closed
@m-fonseca m-fonseca mentioned this issue Jul 18, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

New signing key for aptly repo, and small fixes aptly-dev/aptly
4 participants
@smira @johnwarburton @madwort @emopinata