Re: [rancid] signing key?
Thu, Mar 22, 2018 at 04:13:35PM -0400, Lee: > On 3/22/18, Bohemewrote: > > gpg --search-keys h...@shrubbery.net > > Thanks, but that's not the positive ack I'm looking for. > > Maybe he did use a key created in 1996 & maybe that really is his key, > but I'd rather get the fingerprint from him instead of just searching > for a key that works. i hadnt noticed that it was using the old key; the tool behavior changed and i didnt notice. future sigs will use the more recent key/subkey. > $ gpg --verify rancid-3.7.tar.gz.sig rancid-3.7.tar.gz > gpg: Signature made Wed, Mar 7, 2018 7:32:42 PM EST > gpg:using RSA key 0x4B2BDD527A774C09 > gpg: Can't check signature: public key not found > > $ gpg --search-keys h...@shrubbery.net > gpg: searching for "h...@shrubbery.net" from hkps server > hkps.pool.sks-keyservers.net > (1) John Heasley > 2048 bit RSA key 0xFC860A57C2B34FCB, created: 2015-07-06 > (2) John Heasley > 2048 bit DSA key 0x4472A69EB6650559, created: 2015-04-23 > (3) John Heasley > 1024 bit RSA key 0x0A5CE6407A774C09, created: 2014-06-16 (revoked) > (4) John Heasley > 1024 bit RSA key 0x4B2BDD527A774C09, created: 1996-12-20 > Keys 1-4 of 4 for "h...@shrubbery.net". Enter number(s), N)ext, or Q)uit > q > > > > >> On Mar 22, 2018, at 11:07 AM, Lee wrote: > >> > >>> On 3/22/18, heasley wrote: > >>> Thu, Mar 22, 2018 at 01:46:09PM -0400, Lee: > > On 3/22/18, heasley wrote: > > Thu, Mar 22, 2018 at 04:02:43PM +, Lauri Haveri: > >> Hello again and thanks for the answers! > >> > >> My device happens to be SRX100b and version of the Rancid is 3.3. > >> > >> I got from “apt-get install rancid cvs” > > > > Please install rancid 3/7. It is available here: > > ftp://ftp.shrubbery.net/pub/ranciD > > Which has a detached sig -- thank you!! But what key was used for > signing? > >>> > >>> mine > >> > >> touché > >> > >> I don't have your key, so verifying the fingerprint would be nice; a > >> file I can gpg --import even better > >> > >> Thanks > >> Lee ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: [rancid] signing key?
On 3/22/18, Bohemewrote: > gpg --search-keys h...@shrubbery.net Thanks, but that's not the positive ack I'm looking for. Maybe he did use a key created in 1996 & maybe that really is his key, but I'd rather get the fingerprint from him instead of just searching for a key that works. $ gpg --verify rancid-3.7.tar.gz.sig rancid-3.7.tar.gz gpg: Signature made Wed, Mar 7, 2018 7:32:42 PM EST gpg:using RSA key 0x4B2BDD527A774C09 gpg: Can't check signature: public key not found $ gpg --search-keys h...@shrubbery.net gpg: searching for "h...@shrubbery.net" from hkps server hkps.pool.sks-keyservers.net (1) John Heasley 2048 bit RSA key 0xFC860A57C2B34FCB, created: 2015-07-06 (2) John Heasley 2048 bit DSA key 0x4472A69EB6650559, created: 2015-04-23 (3) John Heasley 1024 bit RSA key 0x0A5CE6407A774C09, created: 2014-06-16 (revoked) (4) John Heasley 1024 bit RSA key 0x4B2BDD527A774C09, created: 1996-12-20 Keys 1-4 of 4 for "h...@shrubbery.net". Enter number(s), N)ext, or Q)uit > q >> On Mar 22, 2018, at 11:07 AM, Lee wrote: >> >>> On 3/22/18, heasley wrote: >>> Thu, Mar 22, 2018 at 01:46:09PM -0400, Lee: > On 3/22/18, heasley wrote: > Thu, Mar 22, 2018 at 04:02:43PM +, Lauri Haveri: >> Hello again and thanks for the answers! >> >> My device happens to be SRX100b and version of the Rancid is 3.3. >> >> I got from “apt-get install rancid cvs” > > Please install rancid 3/7. It is available here: > ftp://ftp.shrubbery.net/pub/ranciD Which has a detached sig -- thank you!! But what key was used for signing? >>> >>> mine >> >> touché >> >> I don't have your key, so verifying the fingerprint would be nice; a >> file I can gpg --import even better >> >> Thanks >> Lee ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: [rancid] signing key?
gpg --search-keys h...@shrubbery.net -Sent from my Pip-Boy 3000 > On Mar 22, 2018, at 11:07 AM, Leewrote: > >> On 3/22/18, heasley wrote: >> Thu, Mar 22, 2018 at 01:46:09PM -0400, Lee: On 3/22/18, heasley wrote: Thu, Mar 22, 2018 at 04:02:43PM +, Lauri Haveri: > Hello again and thanks for the answers! > > My device happens to be SRX100b and version of the Rancid is 3.3. > > I got from “apt-get install rancid cvs” Please install rancid 3/7. It is available here: ftp://ftp.shrubbery.net/pub/ranciD >>> >>> Which has a detached sig -- thank you!! But what key was used for >>> signing? >> >> mine > > touché > > I don't have your key, so verifying the fingerprint would be nice; a > file I can gpg --import even better > > Thanks > Lee > > ___ > Rancid-discuss mailing list > Rancid-discuss@shrubbery.net > http://www.shrubbery.net/mailman/listinfo/rancid-discuss ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss
Re: [rancid] signing key?
On 3/22/18, heasleywrote: > Thu, Mar 22, 2018 at 01:46:09PM -0400, Lee: >> On 3/22/18, heasley wrote: >> > Thu, Mar 22, 2018 at 04:02:43PM +, Lauri Haveri: >> >> Hello again and thanks for the answers! >> >> >> >> My device happens to be SRX100b and version of the Rancid is 3.3. >> >> >> >> I got from “apt-get install rancid cvs” >> > >> > Please install rancid 3/7. It is available here: >> > ftp://ftp.shrubbery.net/pub/ranciD >> >> Which has a detached sig -- thank you!! But what key was used for >> signing? > > mine touché I don't have your key, so verifying the fingerprint would be nice; a file I can gpg --import even better Thanks Lee ___ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo/rancid-discuss