Hi, Running Linux Mint 19.3
Had an update failure with the message W:GPG error: http://pkg.tarsnap.com/deb/tessa ./ Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY FC72A10BF6B692AA, E:The repository 'http://pkg.tarsnap.com/deb/tessa ./ Release' is not signed. I tried to re-download the package: (2) andrew@andrew Downloads $ wget https://pkg.tarsnap.com/tarsnap-deb-packaging-key.asc --2020-05-26 10:59:43-- https://pkg.tarsnap.com/tarsnap-deb-packaging-key.asc Connecting to 127.0.0.1:8118... connected. Proxy request sent, awaiting response... 200 OK Length: 1810 (1.8K) [application/pgp-signature] Saving to: ‘tarsnap-deb-packaging-key.asc.1’ tarsnap-deb-packaging-key.asc.1 100%[=======================================================================>] 1.77K --.-KB/s in 0s 2020-05-26 10:59:44 (159 MB/s) - ‘tarsnap-deb-packaging-key.asc.1’ saved [1810/1810] /home/andrew/Downloads (2) andrew@andrew Downloads $ gpg --list-packets tarsnap-deb-packaging-key.asc | grep signature :signature packet: algo 1, keyid 70BD6C50E82A9D99 :signature packet: algo 17, keyid 38CECA690C6A6A6E The verification shows a different packaging key from the expected one! I have not proceeded any further. Is it safe to do so? regards, -- Andrew Woodward
