On 17-08-2014 09:47, Armin K. wrote: > On 08/17/2014 01:39 AM, [email protected] wrote: >> Author: fernando >> Date: Sat Aug 16 16:39:09 2014 >> New Revision: 13927 >> >> Log: > > ... > >> MIT Kerberos V5-1.12.2: update gpg2 > > Does the verification work for you? The key used to sign the latest > release is different and I can't seem to receieve it from a hkp server.
I was going to say yes. But: LFS7.1 (where I download and server with the source tarballs): $ gpg2 --version gpg (GnuPG) 2.0.26 libgcrypt 1.6.1 No problem. LFS-svn (dev) $ gpg2 --version gpg (GnuPG) 2.0.26 libgcrypt 1.6.1 Problem. Thanks for asking. $ env LC_ALL=C gpg2 --recv-keys 749D7889 gpg: requesting key 749D7889 from hkp server keys.gnupg.net gpg: Note: signatures using the MD5 algorithm are rejected gpg: key 749D7889: no valid user IDs gpg: this may be caused by a missing self-signature gpg: Total number processed: 1 gpg: w/o user IDs: 1 Problem is the use of MD5 algorithm. Solved problem: $ env LC_ALL=C gpg2 --recv-keys --pgp2 749D7889 gpg: requesting key 749D7889 from hkp server keys.gnupg.net gpg: key 749D7889: public key "Tom Yu <[email protected]>" imported gpg: no ultimately trusted keys found gpg: Total number processed: 1 Now, verification works. Notice the option --pgp2. It would be better to include a comment about this switch, instead of including it in the command. What do you think? -- []s, Fernando -- http://lists.linuxfromscratch.org/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
