[arch-general] pacman system update - Why am I prompted to import a specific key?
David C. Rankin
drankinatty at suddenlinkmail.com
Sat Jun 13 16:46:25 UTC 2020
On 06/12/2020 09:24 PM, mpan wrote:
>> On update today (yesterday's updates went fine), I am prompted to approve
>> import of the following key a number of times: […]
>> :: Import PGP key 3B94A80E50A477C7, "Jan Alexander Steffens (heftig) […]
> Oh, “the heftig bug” ;). While Simon Wilper has provided the solution,
> here is some background:
>
> “[…] I replaced it to get a clean break for a new key, which I'm
> treating more securely from the beginning (no secret keys on the
> laptop, just subkeys on a yubikey and the master key on a few
> backups)” —heftig
>
> -Syu often to avoid problems.
>
Oh.... So there was a private key that escaped into the wild...
That would be a big bug... Thank you for the background. I generally -Syu
daily (at most every few days) -- which is why this event immediately jumped
out as not normal. I hope he got the laptop back :p
--
David C. Rankin, J.D.,P.E.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20200613/6bd83a5e/attachment.sig>
More information about the arch-general
mailing list