[arch-general] pacman system update - Why am I prompted to import a specific key?
All, On update today (yesterday's updates went fine), I am prompted to approve import of the following key a number of times: (108/108) checking keys in keyring [######################################] 100% downloading required keys... :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) <heftig@a.org>"? [Y/n] :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) <heftig@a.org>"? [Y/n] Y :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) <heftig@a.org>"? [Y/n] :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) <heftig@a.org>"? [Y/n] :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) <heftig@a.org>"? [Y/n] :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) <heftig@archlinux.org>"? [Y/n] :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) <heftig@a.org>"? [Y/n] :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) <heftig@a.org>"? [Y/n] :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) <heftig@a.org>"? [Y/n] :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) <heftig@a.org>"? [Y/n] Is this normal? (email address intentionally truncated) -- David C. Rankin, J.D.,P.E.
Hello David,
On update today (yesterday's updates went fine), I am prompted to approve import of the following key a number of times:
doesn't this happen when the package archlinux-keyring got updated? So doing a pacman -Sy archlinux-keyring first and then the -Su worked for me. Simon
On 06/12/2020 01:23 PM, Simon Wilper wrote:
Hello David,
On update today (yesterday's updates went fine), I am prompted to approve import of the following key a number of times:
doesn't this happen when the package archlinux-keyring got updated? So doing a pacman -Sy archlinux-keyring first and then the -Su worked for me.
Simon
Strange, Since 2009, and thousands up updates over 1/2 dozen boxes, this is the only time this has happened using simply pacman -Syu -- David C. Rankin, J.D.,P.E.
On update today (yesterday's updates went fine), I am prompted to approve import of the following key a number of times: […] :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) […] Oh, “the heftig bug” ;). While Simon Wilper has provided the solution, here is some background:
“[…] I replaced it to get a clean break for a new key, which I'm treating more securely from the beginning (no secret keys on the laptop, just subkeys on a yubikey and the master key on a few backups)” —heftig -Syu often to avoid problems.
On 06/12/2020 09:24 PM, mpan wrote:
On update today (yesterday's updates went fine), I am prompted to approve import of the following key a number of times: […] :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) […] Oh, “the heftig bug” ;). While Simon Wilper has provided the solution, here is some background:
“[…] I replaced it to get a clean break for a new key, which I'm treating more securely from the beginning (no secret keys on the laptop, just subkeys on a yubikey and the master key on a few backups)” —heftig
-Syu often to avoid problems.
Oh.... So there was a private key that escaped into the wild... That would be a big bug... Thank you for the background. I generally -Syu daily (at most every few days) -- which is why this event immediately jumped out as not normal. I hope he got the laptop back :p -- David C. Rankin, J.D.,P.E.
Hello David, The way I understand it the key was not "in the wild" but on his laptop. So no bug in sight, large or small. Not that it is very relevant here but just to make sure no-one gets a wrong impression of our dev. Best wishes, NTS On 13 Jun 2020 6:46 p.m., "David C. Rankin" <drankinatty@suddenlinkmail.com> wrote: On 06/12/2020 09:24 PM, mpan wrote:
On update today (yesterday's updates went fine), I am prompted to approve import of the following key a number of times: […] :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) […] Oh, “the heftig bug” ;). While Simon Wilper has provided the solution, here is some background:
“[…] I replaced it to get a clean break for a new key, which I'm treating more securely from the beginning (no secret keys on the laptop, just subkeys on a yubikey and the master key on a few backups)” —heftig
-Syu often to avoid problems.
Oh.... So there was a private key that escaped into the wild... That would be a big bug... Thank you for the background. I generally -Syu daily (at most every few days) -- which is why this event immediately jumped out as not normal. I hope he got the laptop back :p -- David C. Rankin, J.D.,P.E.
participants (4)
-
David C. Rankin
-
mpan
-
NTS
-
Simon Wilper