[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] SUSE Security Announcement: gpg signature checking problems (SUSE-SA:2006:014)
Scott Leighton wrote:
>>I went there, downloaded
>><http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3D25D3D9> to (say
>>for brevity) file.pubkey, and then ran
>>gpg --import file.pubkey
>>This returned with:
>>gpg: no valid OpenPGP data found.
>>gpg: Total number processed: 0
>>Actually, I did all this twice, including downloading, with the same
>>result each time. Using gpg2 yeilded the same. What's the deal?
> How are you 'downloading it'? I copied then pasted to kate and
> saved it as test.key
Using Firefox, brought up the page mentioned above, clicked on File >
Save Page As, gave a directory and filename, and clicked OK. Nothing at
all mysterious or unusual. After the first download I used vi to trim
off the couple html lines above and below the key delimiters (even
though I was almost sure it didn't matter-- gpg would find the
delimiters). For the second download (after the first file wouldn't
import) I left the little bit of html code in the file and got the same
After the second failure I did a diff on the two files and the only
difference was that aforementioned html code.
Did you download the key from the page cited above? Or somewhere else?
> gpg --import test.key
> gpg: key 3D25D3D9: duplicated user ID detected - merged
> gpg: key 3D25D3D9: "SuSE Security Team <security@xxxxxxx>" 49 new signatures
"This world ain't big enough for the both of us,"
said the big noema to the little noema.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here