Hello, andrewSC, I can not find the key of coreos team on key server: http://keys.gnupg.net/pks/lookup?search=18AD5014C99EF7E3BA5F6CE950BDD3E0FC8A365E&op=vindex , how can I receive it?
Search Criteria
Package Details: etcd 3.3.13-1
| Git Clone URL: | https://aur.archlinux.org/etcd.git (read-only) |
|---|---|
| Package Base: | etcd |
| Description: | A highly-available key value store for shared configuration and service discovery. |
| Upstream URL: | https://github.com/etcd-io/etcd |
| Licenses: | |
| Submitter: | xeross |
| Maintainer: | andrewSC |
| Last Packager: | andrewSC |
| Votes: | 30 |
| Popularity: | 0.308513 |
| First Submitted: | 2013-10-02 12:54 |
| Last Updated: | 2019-05-21 01:13 |
Dependencies (1)
- go (go1.13-pie, gcc-go-git, go-tip, gcc-go, go-pie) (make)
Required by (2)
- cilium-git (optional)
- kubernetes-bin (optional)
Sources (3)
SilverRainZ commented on 2018-07-06 03:40
manifold commented on 2018-06-22 13:15
FYI, using the keyserver-options auto-key retrieve instructions doesn't work for me. I have to manually use gpg to import the key.
galaux commented on 2018-02-25 17:41
Adding keyserver-options auto-key-retrieve to ~/.gnupg/gpg.conf enables makepkg to use the validpgpkeys provided in the PKGBUILD so that it can check the signature is the valid regarding the key specified by the packager.
jolan commented on 2018-02-25 17:31
I can reproduce what clofresh was referring to:
==> Verifying source file signatures with gpg...
etcd-3.3.1.tar.gz ... FAILED (unknown public key F804F4137EF48FD3)
==> ERROR: One or more PGP signatures could not be verified!
Maybe just add a pinned comment about how to retrieve it?
andrewSC commented on 2018-02-12 22:13
clofresh: Not sure I'm following. Where are you seeing a message about a missing key?
clofresh commented on 2018-02-09 17:23
FYI the missing key is CoreOS's app signing key https://coreos.com/security/app-signing-key/
galaux commented on 2017-12-06 21:31
I finally came to the conclusion I do not have enough time to take care of this package. Orphaning. Sorry for the late realisation. Hopefully some good fellow will step up… :)
galaux commented on 2017-09-14 13:21
You could but adding `keyserver-options auto-key-retrieve` to `~/.gnupg/gpg.conf` enables `makepkg` to use the `validpgpkeys` provided in the PKGBUILD so that you can check the key is the one specified by the packager rather than having to pick one up by yourself.
imriss commented on 2017-09-14 12:43
To get the missing public key, you can use:
gpg --keyserver hkp://keys.gnupg.net/ --recv-key F804F4137EF48FD3
galaux commented on 2017-09-13 18:40
Updated. Sorry for the delay. Feel free to drop an email if I happen to miss updates.
Pinned Comments
galaux commented on 2018-02-25 17:41
Adding
keyserver-options auto-key-retrieveto~/.gnupg/gpg.confenablesmakepkgto use thevalidpgpkeysprovided in the PKGBUILD so that it can check the signature is the valid regarding the key specified by the packager.