Bug#840584: apt-key doesn't report the key id and fingerprint on systems with gnupg 2.1
Control: reassign -1 gnupg 2.1.15-3 Control: forcemerge 838153 -1 On Wed, Oct 12, 2016 at 04:50:47PM -0700, Diane Trout wrote: > I had run apt-key on a couple of machines to remove keys for a private > repository and I noticed one machine didn't report the key id or > fingerpint of keys. […] > Both machines are running apt 1.3.1, but the first machine without the > fingerprint has gnupg 2.1, while the machine with the key id and > fingerprint has gnupg 1.4.20 installed. > > So I'm guessing it has something to do with the change to gnupg modern. […] > Versions of packages apt recommends: > ii gnupg 2.1.15-3 It's a bug in gnupg, reassigned & merged as such (which if all works well also closes this bugreport). Note that this bug was fixed in version 2.1.15-4, so a call to arms for trusty and (at least this time) bug-free 'apt' should free you of your troubles. :) Best regards David Kalnischkies signature.asc Description: PGP signature
Bug#840584: apt-key doesn't report the key id and fingerprint on systems with gnupg 2.1
Package: apt Version: 1.3.1 Severity: normal Dear Maintainer, I had run apt-key on a couple of machines to remove keys for a private repository and I noticed one machine didn't report the key id or fingerpint of keys. On one machine the result of apt-key list or apt-key fingerprint includes blocks like: /etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg -- pub rsa4096 2014-11-21 [SC] [expires: 2022-11-19] uid [ unknown] Debian Archive Automatic Signing Key (8/jessie)on another machine the result of apt-key list or apt-key fingerprint includes blocks like: /etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg -- pub 4096R/2B90D010 2014-11-21 [expires: 2022-11-19] Key fingerprint = 126C 0D24 BD8A 2942 CC7D F8AC 7638 D044 2B90 D010 uid Debian Archive Automatic Signing Key (8/jessie) Both machines are running apt 1.3.1, but the first machine without the fingerprint has gnupg 2.1, while the machine with the key id and fingerprint has gnupg 1.4.20 installed. So I'm guessing it has something to do with the change to gnupg modern. The key id certainly makes it easier to remove manually added keys from /etc/apt/trusted.gpg and including the fingerprint helps verifying system integrity. Diane Trout -- Package-specific info: -- apt-config dump -- APT ""; APT::Architecture "amd64"; APT::Build-Essential ""; APT::Build-Essential:: "build-essential"; APT::Install-Recommends "1"; APT::Install-Suggests "0"; APT::Sandbox ""; APT::Sandbox::User "_apt"; APT::Authentication ""; APT::Authentication::TrustCDROM "true"; APT::NeverAutoRemove ""; APT::NeverAutoRemove:: "^firmware-linux.*"; APT::NeverAutoRemove:: "^linux-firmware$"; APT::NeverAutoRemove:: "^linux-image-4\.6\.0-1-amd64$"; APT::NeverAutoRemove:: "^linux-image-4\.7\.0-1-amd64$"; APT::NeverAutoRemove:: "^linux-headers-4\.6\.0-1-amd64$"; APT::NeverAutoRemove:: "^linux-headers-4\.7\.0-1-amd64$"; APT::NeverAutoRemove:: "^linux-image-extra-4\.6\.0-1-amd64$"; APT::NeverAutoRemove:: "^linux-image-extra-4\.7\.0-1-amd64$"; APT::NeverAutoRemove:: "^linux-signed-image-4\.6\.0-1-amd64$"; APT::NeverAutoRemove:: "^linux-signed-image-4\.7\.0-1-amd64$"; APT::NeverAutoRemove:: "^kfreebsd-image-4\.6\.0-1-amd64$"; APT::NeverAutoRemove:: "^kfreebsd-image-4\.7\.0-1-amd64$"; APT::NeverAutoRemove:: "^kfreebsd-headers-4\.6\.0-1-amd64$"; APT::NeverAutoRemove:: "^kfreebsd-headers-4\.7\.0-1-amd64$"; APT::NeverAutoRemove:: "^gnumach-image-4\.6\.0-1-amd64$"; APT::NeverAutoRemove:: "^gnumach-image-4\.7\.0-1-amd64$"; APT::NeverAutoRemove:: "^.*-modules-4\.6\.0-1-amd64$"; APT::NeverAutoRemove:: "^.*-modules-4\.7\.0-1-amd64$"; APT::NeverAutoRemove:: "^.*-kernel-4\.6\.0-1-amd64$"; APT::NeverAutoRemove:: "^.*-kernel-4\.7\.0-1-amd64$"; APT::NeverAutoRemove:: "^linux-backports-modules-.*-4\.6\.0-1-amd64$"; APT::NeverAutoRemove:: "^linux-backports-modules-.*-4\.7\.0-1-amd64$"; APT::NeverAutoRemove:: "^linux-tools-4\.6\.0-1-amd64$"; APT::NeverAutoRemove:: "^linux-tools-4\.7\.0-1-amd64$"; APT::VersionedKernelPackages ""; APT::VersionedKernelPackages:: "linux-image"; APT::VersionedKernelPackages:: "linux-headers"; APT::VersionedKernelPackages:: "linux-image-extra"; APT::VersionedKernelPackages:: "linux-signed-image"; APT::VersionedKernelPackages:: "kfreebsd-image"; APT::VersionedKernelPackages:: "kfreebsd-headers"; APT::VersionedKernelPackages:: "gnumach-image"; APT::VersionedKernelPackages:: ".*-modules"; APT::VersionedKernelPackages:: ".*-kernel"; APT::VersionedKernelPackages:: "linux-backports-modules-.*"; APT::VersionedKernelPackages:: "linux-tools"; APT::Never-MarkAuto-Sections ""; APT::Never-MarkAuto-Sections:: "metapackages"; APT::Never-MarkAuto-Sections:: "contrib/metapackages"; APT::Never-MarkAuto-Sections:: "non-free/metapackages"; APT::Never-MarkAuto-Sections:: "restricted/metapackages"; APT::Never-MarkAuto-Sections:: "universe/metapackages"; APT::Never-MarkAuto-Sections:: "multiverse/metapackages"; APT::Move-Autobit-Sections ""; APT::Move-Autobit-Sections:: "oldlibs"; APT::Move-Autobit-Sections:: "contrib/oldlibs"; APT::Move-Autobit-Sections:: "non-free/oldlibs"; APT::Move-Autobit-Sections:: "restricted/oldlibs"; APT::Move-Autobit-Sections:: "universe/oldlibs"; APT::Move-Autobit-Sections:: "multiverse/oldlibs"; APT::Update ""; APT::Update::Post-Invoke-Success ""; APT::Update::Post-Invoke-Success:: "/usr/bin/test -e /usr/share/dbus- 1/system-services/org.freedesktop.PackageKit.service && /usr/bin/test -S /var/run/dbus/system_bus_socket && /usr/bin/gdbus call --system -- dest org.freedesktop.PackageKit --object-path /org/freedesktop/PackageKit --timeout 4 --method org.freedesktop.PackageKit.StateHasChanged cache-update > /dev/null; /bin/echo > /dev/null"; APT::Update::Post-Invoke-Success:: "if /usr/bin/test -w /var/cache/app- info -a -e /usr/bin/appstreamcli; then appstreamcli