[X2Go-Dev] Bug#1401: PGP-Key is not available on keyservers for debian buster
Mihai Moldovan
ionic at ionic.de
Sat Aug 24 19:06:24 CEST 2019
Control: reassign -1 packages.x2go.org
> N: An update from such a repository cannot be done in a secure way, so
> it is disabled by default.
The x2go-keyring package is available for Debian buster, includes the required
key file and should work just fine.
However, newer apt versions will disallow downloading from an untrusted repository.
In order to actually install the keyring package, try running something like:
sudo apt-get --allow-unauthenticated install x2go-keyring
Afterwards, sudo apt update should not return an error again. Do not use the
--allow-unauthenticated flag without understanding its implications.
> sudo apt-key adv --recv-keys --keyserver keys.gnupg.net E1F958385BFE2B6E
> Executing: /tmp/apt-key-gpghome.4WhtJFIi3f/gpg.1.sh --recv-keys
> --keyserver keys.gnupg.net E1F958385BFE2B6E
> gpg: Received from key server failed: The waiting time for the
> connection has expired.
The public key is also available on keyservers. Most keyservers are still
stoned, however, from the attacks that have been carried out a few months ago
and a year ago. For more information, and why this problem is unlike to be fixed
in the first place, refer to
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f for instance.
I cannot fix public keyservers for you.
Like the message said: there was a timeout while fetching the key. It did not
say that such a key does not exist.
Mihai
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20190824/4779eb79/attachment.sig>
More information about the x2go-dev
mailing list