Thanks for the report! Yes, the tarsnap archive keys recently changed -- we update them every year in January. I think that I updated all relevant parts of the website, but I'm always willing to believe that I screwed something up.
Alternate source, if you want more confirmation than a mere email: https://mobile.twitter.com/cperciva/status/1484314545199796225 When I do: $ wget https://pkg.tarsnap.com/tarsnap-deb-packaging-key.asc $ gpg tarsnap-deb-packaging-key.asc I see: gpg: WARNING: no command supplied. Trying to guess what you mean ... pub rsa4096 2021-10-26 [SC] [expires: 2023-02-01] C8AC97032A76382306D2A315B364F774EAC3C4DF uid Tarsnap .deb packages signing key (Tarsnap Backup Inc.) <[email protected]> Could you please try the same commands? WARNING: this morning, I re-discovered that if you already have a tarsnap-deb-packaging-key.asc file in your directory, then wget will save the new file to tarsnap-deb-packaging-key.asc.1 instead of overwriting the existing file. So if you already have the 2021 version of the key, that can spark a lot of confusion. I'm wondering if we should stick the year in the filename. That means that the copy&paste instructions would have to change each year (which is why we didn't do this before), but the annual key rotation bites a few people every year. Cheers, - Graham On Fri, Jan 21, 2022 at 10:00:47PM +0000, Brian Foley wrote: > Hi All, > > > I am following these instructions to install tarsnap on ubuntu: > https://www.tarsnap.com/pkg-deb.html > > > The instructions say: > > gpg --list-packets tarsnap-deb-packaging-key.asc | grep signature > > :signature packet: algo 1, keyid B364F774EAC3C4DF > > :signature packet: algo 17, keyid 38CECA690C6A6A6E > > The first keyid is the Tarsnap deb packaging key, while the second is > Colin Percival's key (|0x38CECA690C6A6A6E|). These keyid values should > match those on a public key server search for 0xB364F774EAC3C4DF > <https://keyserver.ubuntu.com/pks/lookup?op=vindex&search=0xB364F774EAC3C4DF>. > > > > > However, when I perform the same steps I get: > > gpg --list-packets tarsnap-deb-packaging-key.asc | grep signature > > :signature packet: algo 1, keyid BF75EEAB040E447C > > :signature packet: algo 17, keyid 38CECA690C6A6A6E > > > Has the tarsnap GPG key changed? If so, can the docs on the website be > updated for clarity? > > > Thanks, > > > Brian
