Am 8. Februar 2018 11:43:17 MEZ schrieb Lars Ellenberg <lars.ellenb...@linbit.com>: >On Thu, Feb 08, 2018 at 10:06:00AM +0100, Christoph Lechleitner wrote: >> Am 08.02.18 um 09:38 schrieb Yannis Milios: >> > Can you please renew proxmox repo Release.gpg file ? > >The signature is fine. >You need to refresh your keyring. >How? See below. > >> > W: An error occurred during the signature verification. The >repository >> > is not updated and the previous index files will be used. GPG >error: >> > http://packages.linbit.com/proxmox proxmox-5 Release: The following >> > signatures were invalid: EXPKEYSIG 53B3B037282B6E23 LINBIT Package >and >> > Repository Signing Key (2017) >> > W: Failed to fetch >> > http://packages.linbit.com/proxmox/dists/proxmox-5/Release.gpg The >> > following signatures were invalid: EXPKEYSIG 53B3B037282B6E23 >LINBIT >> > Package and Repository Signing Key (2017) >> > W: Some index files failed to download. They have been ignored, or >old >> > ones used instead. >> >> Just in case this might help: >> >> Debian Stretch introduced 2 new requirements for signing keys and >> signatures: > >Why would you think it would? >Both requirements are fullfilled, and not being complained about. >(Also someone would have noticed that before, >stretch was not released yesterday). > >It complains about an *EXPKEYSIG* >And there is also the "2017" as a hint. >so: key expiry. Which the subject already says as well. > >We usually do not create a new key, >but simply extend the validity for an other year, >and also add the "current year" uid. > >Your system apparently did not notice the extended validity. >You can help: > >apt-key list --verbose LINBIT >| pub dsa1024 2008-11-13 [SC] [expired: 2018-02-01] >| 32A7 46AD 3ACF B7EB 9A18 8D19 53B3 B037 282B 6E23 >| uid [ expired] LINBIT Package and Repository Signing Key >(2017) >| ... >| sub elg2048 2008-11-13 [E] [expired: 2018-02-01] >| gpg: Note: signature key 53B3B037282B6E23 expired Don 01 Feb 2018 >11:49:14 CET > > >apt-key adv --keyserver keyserver.ubuntu.com --recv-keys >0x53B3B037282B6E23 >(or your keyserver of choice) >| gpg: key 53B3B037282B6E23: "LINBIT Package and Repository Signing Key >(2018)" 1 new user ID >| gpg: key 53B3B037282B6E23: "LINBIT Package and Repository Signing Key >(2018)" 11 new signatures >... > >apt-key list --verbose LINBIT >| pub dsa1024 2008-11-13 [SC] [expires: 2019-02-01] >| 32A7 46AD 3ACF B7EB 9A18 8D19 53B3 B037 282B 6E23 >| uid [ unknown] LINBIT Package and Repository Signing Key >(2018) >| ... >| sub elg2048 2008-11-13 [E] [expires: 2019-02-01] > >Yay.
I have seen those exact error messages due to those exact requirements. Considering Linbit's focus seemed to have been on RedHat for years it *could* have been relevant. I wrote "in case", btw. Sorry I tried to help. Regards Christoph mfg in aller Kürze vom Hand-Androiden _______________________________________________ drbd-user mailing list drbd-user@lists.linbit.com http://lists.linbit.com/mailman/listinfo/drbd-user