Re: gpg says no user ID

Tue, 15 Nov 2022 09:22:45 -0800 

Close, almost there.  At the end something goes wrong. Here is the output:

gpg2 keyserver keyring.debian.org --recv DF98...BE9B

   gpg: /root/.gnupg/trustdb.gpg: trust.db created
   gpg: key DA87E80D6294BE9B: public key "Debian CD signing  key <debian...@lists.debian.org>" imported 

   gpg: Total number processed: 1

   gpg: Imported: 1

gpg2 --verify SHA512SUMS.sign SHA512SUMS

   gpg: Signature made Sat 10 Oct 07:00:08 PM EDT

..........using RSA key DF9B9C49EAA9298432589D76DA87E80D6294BE9B
   gpg: Good signature from "Debian CD signing key <debian...@lists.debian.org>" [unknown] 

...gpg: WARNING: This key is not certified with a trusted signature!

......There is no indication that the signature belongs to the owner

...Primary key fingerprint: DF9B9C49EAA9298432589D76DA87E80D6294BE9B

gpg2 --verify SHA512SUMS.sign debian-11.5.0-amd64-netinst.iso

...gpg: Signature made Sat 10 Oct 07:00:08  PM EDT

...gpg:              using RSA DF9B9C49EAA9298432589D76DA87E80D6294BE9B
...gpg: BAD signature from "Debian CD signing key <debain...@lists.debian.org>"  [unknown] 













On 11/15/22 02:59, Henning Follmann wrote:

On Mon, Nov 14, 2022 at 05:17:25PM -0500, Thomas George wrote:

I am still trying to do a fully verified installation of debian-11.5.0.

gpg --verify SHA512SUMS.sign SHA512SUMS responded with DF98...BE9B

gpg --recv-keys DF98...BE9B responded key DF98...BE9B: new key but contains
no user ID - skipped.

Another source suggested gpg --key-server keyring.debian.org --recv-keys
long numeric key

but this responded invalid option --key-server


sorry that was a typo.
gpg --keyserver keyring.debian.org --recv-keys ...
would be correct.



The gpg man page is beyond me, I need help


Well,
gpg is very complex software now. And the man page tries to be
all-encompassing. So it seems daunting to look at the man pages.
But I still would encourage anybody to use the manpages to better
understand and use their tools.
Which the will also tell you that --keyserver is deprecated (even though it
still should work as intended for your use case). dirmanager these days is
responsible for managing key/certificate dependencies.

Good luck,

-H

Reply via email to