On Mon, Mar 25, 2024 at 02:41:26PM +0900, elaexuo...@wilsonb.com wrote: > Hey devs, > > So I lost the PGP key that I was using to sign commits on a private Guix > channel of mine. Is there a way to introduce a hard break in my channel > authentication? > > Despite updating authorization settings, pulls complain that my latest commit > isn't signed by an authorized key. > > Here are the changes I've made: > - New public key added to keyring branch > - Appended new key fingerprint to .guix-authorizations (at commit X) > - Update introduction in .config/guix/channels.scm > - Point to commit X > - Update openpgp-fingerprint > > As a sanity check, I've confirmed that the fingerprint on commit X, the > fingerprint in .guix-authorizations, and the openpgp-fingerprint in my > channels.scm are all the same. > > What am I missing?
Hi all, from reading about guix authentication I think the new signing key must be first added to the .guix-authoriations file and that commit must signed with the current signing keys before the new signing key can be used. Best wishes, Markku
