On Wednesday, 4 July 2018 19:32:33 BST gevisz wrote: > 2018-07-04 21:01 GMT+03:00 Mick <michaelkintz...@gmail.com>: > > On Wednesday, 4 July 2018 18:57:56 BST gevisz wrote: > >> 2018-07-04 11:55 GMT+03:00 Alex Thorne <lexiconifernel...@gmail.com>: > >> >> I use rsync and get the following for more than a day now; > >> >> > >> >> !!! Manifest verification failed: > >> >> OpenPGP verification failed: > >> >> gpg: Signature made Wed 04 Jul 2018 04:08:28 AM UTC > >> >> gpg: using RSA key > >> >> E1D6ABB63BFCFB4BA02FDF1CEC590EEAC9189250 > >> >> gpg: Can't check signature: No public key > >> > > >> > I'm seeing this too. For me `app-crypt/gentoo-keys` is somehow no > >> > longer > >> > installed and `/var/lib/gentoo/gkeys` is missing. I have no idea how > >> > this > >> > happened. Perhaps it somehow got into `emerge --depclean` and I didn't > >> > catch it. > >> > >> No. Gentoo maintainers just overlooked that all Gentoo signing keys > >> expired > >> on July 1, and added new openpgp-keys-gentoo into portage tree only on > >> July > >> 2. > >> > >> So, since July 1, rsync cannot verify any new portage tree and cannot > >> download app-crypt/openpgp-keys-gentoo-release-20180702 > >> > >> It was discovered in the thread > >> "All Gentoo signing key expired and no way to fix it" > > > > Is there a documented manual workaround we could follow at present, > > irrespective of our sync'ing mechanism of choice? > > For me, it somehow worked by manually refreshing the Gentoo signing keys by > executing the following two commands: > # gpg --homedir /var/lib/gentoo/gkeys/keyrings/gentoo/release --refresh-keys > # gpg --keyserver hkps.pool.sks-keyservers.net --recv-keys > 0xDB6B8C1F96D8BF6D in different order and sourcing /etc/profile > > But, please, note that I use emerge-webrsync to update the portage tree.
Thanks gevisz, the first line to refresh keys fails, because in /var/lib/ gentoo/ I only have a news/ subdirectory. Interestingly, I already have app-crypt/openpgp-keys-gentoo-release installed, but still get 'gpg: Can't check signature: No public key' error when running rsync. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
