Re: GPG errors from apt update
On Thu, 31 Aug 2006 16:52:06 -0700, Hedges, Mark wrote: But then, I tried apt-get update about 5 minutes later with NO CHANGES and got these erorrs: Failed to fetch http://ftp.us.debian.org/debian/dists/testing/main/binary-i386/PackagesI ndex MD5Sum mismatch [...] $ host ftp.us.debian.org ftp.us.debian.org has address 128.101.240.212 ftp.us.debian.org has address 204.152.191.7 ftp.us.debian.org has address 216.37.55.114 ftp.us.debian.org has address 35.9.37.225 It would be helpful if apt-get informed the user of which server it is having problems with to ease the tasks of troubleshooting and contacting the correct mirror admin. -- Sam Morris http://robots.org.uk/ PGP key id 1024D/5EA01078 3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPG errors from apt update
From: Sam Morris [EMAIL PROTECTED] Date: Fri, 1 Sep 2006 10:11:30 + (UTC) On Thu, 31 Aug 2006 16:52:06 -0700, Hedges, Mark wrote: But then, I tried apt-get update about 5 minutes later with NO CHANGES and got these erorrs: Failed to fetch http://ftp.us.debian.org/debian/dists/testing/main/binary-i386/PackagesI ndex MD5Sum mismatch [...] $ host ftp.us.debian.org ftp.us.debian.org has address 128.101.240.212 ftp.us.debian.org has address 204.152.191.7 ftp.us.debian.org has address 216.37.55.114 ftp.us.debian.org has address 35.9.37.225 It would be helpful if apt-get informed the user of which server it is having problems with to ease the tasks of troubleshooting and contacting the correct mirror admin. I think the problem is deeper than that. Since June I've gotten sporadic errors with both the main archives and the security archives. Sometimes I switch the security URL direct to the UNM or klecker (xs4all) and it will work, then later it won't, so I switch back. Sometimes I switch the main archive to the frontiernet mirror and it will work for a while, then it will break, then I switch back and it will be fine, etc. I am almost guaranteed to get these errors at least once a day. I think it is an issue with the signing process and the mirror updates in general, not with any particular mirror. I'm surprised more people haven't reported these problems. Maybe they were ignored because they did resemble the older problem with the signing key so closely. _ Search from any web page with powerful protection. Get the FREE Windows Live Toolbar Today! http://get.live.com/toolbar/overview -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPG errors from apt update
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Robert Dobbs wrote: I'm surprised more people haven't reported these problems. Maybe they were ignored because they did resemble the older problem with the signing key so closely. I do recall seeing something similar to what you describe, but it was only once and it was some time ago. Have you tried sniffing the network traffic to see what is occurring? - -Jim P. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFE+HQsMyG7U7lo69MRAi8WAKC2c+1qDAH2Q3ScnNr6medBs2pa/wCgkFPV hKLK7l/S8lXcMYlqPWBopm4= =K2Q9 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPG errors from apt update
From: Jim Popovitch [EMAIL PROTECTED] Date: Fri, 01 Sep 2006 13:55:56 -0400 -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Robert Dobbs wrote: I'm surprised more people haven't reported these problems. Maybe they were ignored because they did resemble the older problem with the signing key so closely. I do recall seeing something similar to what you describe, but it was only once and it was some time ago. Have you tried sniffing the network traffic to see what is occurring? I'm pretty sure it isn't my computer that causes the problem. You know what, I took the other advice and put the URL's in for each of the hosts that ftp.us links to. At the moment, at least, the problems seem to be on the mirrors1.kernel.org and the progeny mirror. But that still doesn't explain the sporadic problems with the security archives. _ All-in-one security and maintenance for your PC. Get a free 90-day trial! http://www.windowsonecare.com/trial.aspx?sc_cid=msn_hotmail -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPG errors from apt update
That key is in debian-keyring, but was not in apt. I had to manually add the /usr/share/keyrings/debian-keyring.* keyrings to ~root/.gnupg/gpg.conf, then extract the keys and add with apt-key. Shouldn't this be automatic? But it does not matter. I still get the same error on `apt-get update`: W: GPG error: http://security.debian.org stable/updates Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) [EMAIL PROTECTED] W: GPG error: http://security.debian.org testing/updates Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) [EMAIL PROTECTED] Mark From: Davide Prina [EMAIL PROTECTED] To: debian-security@lists.debian.org Subject: Re: GPG errors from apt update Date: Thu, 31 Aug 2006 19:59:23 +0200 Robert Dobbs wrote: W: GPG error: http://security.debian.org stable/updates Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian have you update that key before? # gpg --keyserver pgp.mit.edu --recv-keys 010908312D230C5F # gpg --armor --export 010908312D230C5F | apt-key add - Ciao Davide -- Dizionari: http://linguistico.sourceforge.net/wiki Esci dall'illegalità: utilizza OpenOffice.org: http://linguistico.sourceforge.net/wiki/doku.php?id=UsaOOo Non autorizzo la memorizzazione del mio indirizzo su outlook _ Get real-time traffic reports with Windows Live Local Search http://local.live.com/default.aspx?v=2cp=42.336065~-109.392273style=rlvl=4scene=3712634trfc=1 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPG errors from apt update
ahi, ahi, ahi ... top posting ... this is bad ;-) Robert Dobbs wrote: I cannot do it because of my company's firewall. you can go to a keyring site and download the key from here Why is the key not in debian-keyring package? key is updated each year ... but next update will be in January (I think) Ciao Davide -- Dizionari: http://linguistico.sourceforge.net/wiki Browser: http://www.mozilla.org/products/firefox GNU/Linux User: 302090: http://counter.li.org Non autorizzo la memorizzazione del mio indirizzo su outlook -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPG errors from apt update
Am Donnerstag, den 31.08.2006, 11:50 -0700 schrieb Robert Dobbs: That key is in debian-keyring, but was not in apt. I had to manually add the /usr/share/keyrings/debian-keyring.* keyrings to ~root/.gnupg/gpg.conf, then extract the keys and add with apt-key. There is no need to add them to root's gpg.conf. The necessary key can be easily extracted without such an action (IMO). Shouldn't this be automatic? It is. But the keyrings are in debian-archive-keyring (because the did not make it into debian-keyring for months - no idea why). But it does not matter. I still get the same error on `apt-get update`: W: GPG error: http://security.debian.org stable/updates Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) [EMAIL PROTECTED] W: GPG error: http://security.debian.org testing/updates Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) [EMAIL PROTECTED] Just install the mentioned debian-archive-keyring package and run 'apt-key update'. Probably you fetched the wrong key: $ gpg --no-default-keyring --keyring /usr/share/keyrings/debian-role-keys.gpg --list-keys does not list the 2006er archive key. Regards, Daniel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPG errors from apt update
From: Daniel Leidert [EMAIL PROTECTED] Date: Fri, 01 Sep 2006 01:30:51 +0200 Just install the mentioned debian-archive-keyring package and run 'apt-key update'. Probably you fetched the wrong key: $ gpg --no-default-keyring --keyring /usr/share/keyrings/debian-role-keys.gpg --list-keys does not list the 2006er archive key. I had debian-archive-keyring installed already. I still get the error. But it is sporadic -- usually if I wait a few hours or switch direct to klecker (or back if klecker gives the error) (or to and from ftp.us and the frontiernet mirror) and try update again, it is fine, without any changes to keys on my part. I realize this resembles an old issue that is easily dismissed, but it is different from that problem, which was reported in January and which I fixed then by installing debian-archive-keyring and it worked for a long time. These sporadic errors started mid-June of this year. What's going on? _ All-in-one security and maintenance for your PC. Get a free 90-day trial! http://www.windowsonecare.com/trial.aspx?sc_cid=msn_hotmail -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPG errors from apt update
On Thu, 31 Aug 2006 11:50:44 -0700, Robert Dobbs wrote: That key is in debian-keyring, but was not in apt. I had to manually add the /usr/share/keyrings/debian-keyring.* keyrings to ~root/.gnupg/gpg.conf, then extract the keys and add with apt-key. Shouldn't this be automatic? But it does not matter. I still get the same error on `apt-get update`: W: GPG error: http://security.debian.org stable/updates Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) [EMAIL PROTECTED] W: GPG error: http://security.debian.org testing/updates Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) [EMAIL PROTECTED] Isn't BADSIG indicative of a bad signature rather than a missing key? -- Sam Morris http://robots.org.uk/ PGP key id 1024D/5EA01078 3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPG errors from apt update
From: Sam Morris [EMAIL PROTECTED] Date: Fri, 1 Sep 2006 00:01:03 + (UTC) On Thu, 31 Aug 2006 11:50:44 -0700, Robert Dobbs wrote: But it does not matter. I still get the same error on `apt-get update`: W: GPG error: http://security.debian.org stable/updates Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) [EMAIL PROTECTED] W: GPG error: http://security.debian.org testing/updates Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) [EMAIL PROTECTED] Isn't BADSIG indicative of a bad signature rather than a missing key? Yes, that's why it seemed like a problem with the server, and a good idea initially to ask on this list, but I guess no one cares. _ Check the weather nationwide with MSN Search: Try it now! http://search.msn.com/results.aspx?q=weatherFORM=WLMTAG -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
RE: GPG errors from apt update
I had debian-archive-keyring installed already. I still get the error. But it is sporadic -- usually if I wait a few hours or switch direct to klecker (or back if klecker gives the error) (or to and from ftp.us and the frontiernet mirror) and try update again, it is fine, without any changes to keys on my part. I realize this resembles an old issue that is easily dismissed, but it is different from that problem, which was reported in January and which I fixed then by installing debian-archive-keyring and it worked for a long time. These sporadic errors started mid-June of this year. What's going on? I hear you. I have been trying to get someone to pay attention too. To test this, I just deleted all of my keys with apt-key, removed the debian-keyring and debian-archive-keyring packages, reinstalled those packages (said 2006 key was imported), then tried apt-get update. This time, the sporadic nature of the problem is clearly demonstrated. I have ftp.us stable, testing and unstable + security stable and testing in my sources.list. I only got 1 error: W: GPG error: http://ftp.us.debian.org testing Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) [EMAIL PROTECTED] But then, I tried apt-get update about 5 minutes later with NO CHANGES and got these erorrs: Failed to fetch http://ftp.us.debian.org/debian/dists/testing/main/binary-i386/PackagesI ndex MD5Sum mismatch Failed to fetch http://ftp.us.debian.org/debian/dists/testing/contrib/binary-i386/Packag esIndex MD5Sum mismatch Reading package lists... Done W: Couldn't stat source package list http://ftp.us.debian.org testing/main Packages (/var/lib/apt/lists/ftp.us.debian.org_debian_dists_testing_main_binary-i 386_Packages) - stat (2 No such file or directory) W: Couldn't stat source package list http://ftp.us.debian.org testing/contrib Packages (/var/lib/apt/lists/ftp.us.debian.org_debian_dists_testing_contrib_binar y-i386_Packages) - stat (2 No such file or directory) W: Couldn't stat source package list http://ftp.us.debian.org testing/main Packages (/var/lib/apt/lists/ftp.us.debian.org_debian_dists_testing_main_binary-i 386_Packages) - stat (2 No such file or directory) W: Couldn't stat source package list http://ftp.us.debian.org testing/contrib Packages (/var/lib/apt/lists/ftp.us.debian.org_debian_dists_testing_contrib_binar y-i386_Packages) - stat (2 No such file or directory) So, will someone take this seriously? Mark PLEASE IGNORE THE CORPORATE SIGNATURE BELOW. THE PUBLIC IS THE INTENDED RECIPIENT(S). This email message is for the sole use of the intended recipient(s) and may contain privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.
RE: GPG errors from apt update
So, will someone take this seriously? Now I tried update again with no further changes and it is totally fubar: Failed to fetch http://ftp.us.debian.org/debian/dists/testing/main/binary-i386/Packages. bz2 MD5Sum mismatch Failed to fetch http://ftp.us.debian.org/debian/dists/testing/contrib/binary-i386/Packag es.bz2 MD5Sum mismatch Failed to fetch http://ftp.us.debian.org/debian/dists/stable/main/binary-i386/Packages.g z MD5Sum mismatch Failed to fetch http://ftp.us.debian.org/debian/dists/stable/non-free/binary-i386/Packag es.gz MD5Sum mismatch Failed to fetch http://ftp.us.debian.org/debian/dists/stable/contrib/binary-i386/Package s.gz MD5Sum mismatch Reading package lists... Done W: Couldn't stat . Does anyone know what's going on? Mark PLEASE IGNORE THE CORPORATE SIGNATURE BELOW. THE PUBLIC IS THE INTENDED RECIPIENT(S). This email message is for the sole use of the intended recipient(s) and may contain privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.
Re: GPG errors from apt update
This one time, at band camp, Hedges, Mark said: So, will someone take this seriously? Now I tried update again with no further changes and it is totally fubar: It sounds like the mirror is toast. Please mail the mirror admins. I don't have an email address off hand, sorry, but it should be either on the mirrors page or the organization page of debian.org. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: GPG errors from apt update
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Stephen Gran un jour écriva: It sounds like the mirror is toast. Please mail the mirror admins. I don't have an email address off hand, sorry, but it should be either on the mirrors page or the organization page of debian.org. Behind ftp.us.debian.org, there is actually 4 mirrors, so there is not any specific email address about it except maybe the Debian mirror mailing list. Could it be a problem with only one of those mirrors? Here the 4 servers deserving ftp.us.debian.org if you wish to check them individually: ike.egr.msu.edu archive.progeny.com debian-mirror.mirror.umn.edu mirrors1.kernel.org Could it be something about bad synchronization between those servers? I don't think it should happens under normal circumstances, especially with the 2-stages mirroring scheme, but it might be worth to verify. Simon Valiquette http://gulus.USherbrooke.ca -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Linux PPC) iD8DBQFE96xfJPE+P+aMAJIRA448AJ423Wn32g6MgB6fM+yDCytZ2wiXtgCeNMkp RkaffrOc1zYvs1gWLCQKuJQ= =xJSd -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]