Por que esta chave pública do Debian-ex-developer não foi encontrada?

4

Eu sou as seguintes instruções Instale no Debian, Ubuntu ou Mint usando a linha de comando e o GnuPG ao fazer Tails , baseado no Debian, usb stick.

Todas as etapas foram executadas onde a falha na última linha gpg: error reading key: public key not found , enquanto a saída esperada sig! 0x9C31503C6D866396 2015-02-03 Stefano Zacchiroli <[email protected]> para o comando gpg --keyid-format 0xlong --check-sigs A490D0F4D311A4153E2BB7CADBB802B258ACD84F

masi@masi:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 8.7 (jessie)
Release:    8.7
Codename:   jessie

masi@masi:~$ wget https://tails.boum.org/tails-signing.key
--2017-02-26 08:47:14--  https://tails.boum.org/tails-signing.key
Resolving tails.boum.org (tails.boum.org)... 204.13.164.188
Connecting to tails.boum.org (tails.boum.org)|204.13.164.188|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 459593 (449K) [application/pgp-keys]
Saving to: ‘tails-signing.key’

tails-signing.key   100%[=====================>] 448.82K   351KB/s   in 1.3s   

2017-02-26 08:47:17 (351 KB/s) - ‘tails-signing.key’ saved [459593/459593]

masi@masi:~$ gpg --import < tails-signing.key
gpg: key 58ACD84F: public key "Tails developers (offline long-term identity key) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
gpg: no ultimately trusted keys found

masi@masi:~$ su
Password: 

root@masi:/home/masi# apt-get install debian-keyring
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libx265-79 linux-image-4.6.0-0.bpo.1-amd64 linux-image-4.7.0-0.bpo.1-amd64
Use 'apt-get autoremove' to remove them.
The following NEW packages will be installed:
  debian-keyring
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 52.4 MB of archives.
After this operation, 58.0 MB of additional disk space will be used.
Get:1 http://ftp.fi.debian.org/debian/ jessie/main debian-keyring all 2015.04.10 [52.4 MB]
Fetched 52.4 MB in 35s (1,458 kB/s)                                            
Selecting previously unselected package debian-keyring.
(Reading database ... 316032 files and directories currently installed.)
Preparing to unpack .../debian-keyring_2015.04.10_all.deb ...
Unpacking debian-keyring (2015.04.10) ...
Setting up debian-keyring (2015.04.10) ...
root@masi:/home/masi# gpg --keyring=/usr/share/keyrings/debian-keyring.gpg --export [email protected] | gpg --import
gpg: key 6D866396: public key "Stefano Zacchiroli <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
gpg: no ultimately trusted keys found

root@masi:/home/masi# gpg --keyid-format 0xlong --check-sigs A490D0F4D311A4153E2BB7CADBB802B258ACD84F
gpg: error reading key: public key not found

OS: Debian 8.7
Hardware: Asus Zenbook UX303UB

    
por Léo Léopold Hertz 준영 26.02.2017 / 07:54

1 resposta

9

Você não importou a chave do Tails que você tentou verificar nas assinaturas:

$ gpg --recv-key A490D0F4D311A4153E2BB7CADBB802B258ACD84F

$ gpg --check-sigs A490D0F4D311A4153E2BB7CADBB802B258ACD84F
pub   rsa4096 2015-01-18 [C] [expires: 2018-01-11]
      A490D0F4D311A4153E2BB7CADBB802B258ACD84F
uid           [ unknown] Tails developers (offline long-term identity key) <[email protected]>
sig!         9C31503C6D866396 2015-02-03  Stefano Zacchiroli <[email protected]>
sig!3        DBB802B258ACD84F 2015-09-27  Tails developers (offline long-term identity key) <[email protected]>
sig!3        DBB802B258ACD84F 2016-08-30  Tails developers (offline long-term identity key) <[email protected]>
sig!3        DBB802B258ACD84F 2015-01-18  Tails developers (offline long-term identity key) <[email protected]>
uid           [ unknown] Tails developers <[email protected]>
sig!3        DBB802B258ACD84F 2015-09-27  Tails developers (offline long-term identity key) <[email protected]>
sig!3        DBB802B258ACD84F 2016-08-30  Tails developers (offline long-term identity key) <[email protected]>
sub   rsa4096 2015-01-18 [S] [expires: 2018-01-11]
sig!         DBB802B258ACD84F 2016-08-30  Tails developers (offline long-term identity key) <tails@bgpg: 9 good signatures
gpg: 1124 signatures not checked due to missing keys
oum.org>
sub   rsa4096 2015-01-18 [S] [expires: 2018-01-11]
sig!         DBB802B258ACD84F 2016-08-30  Tails developers (offline long-term identity key) <[email protected]>
sub   rsa4096 2016-08-30 [S] [expires: 2018-01-11]
sig!         DBB802B258ACD84F 2016-08-30  Tails developers (offline long-term identity key) <[email protected]>

Bem, você fez, mas você fez isso como um usuário comum, ao tentar verificar a assinatura como root. Agora você tem dois keyrings, um com a chave Tails na sua conta de usuário, e um com a chave do desenvolvedor Debian na conta root.

Este é um dos motivos pelos quais você deve usar sudo e muito raramente encontrar um shell de raiz interativo.

    
por 26.02.2017 / 08:50