https://bugzilla.redhat.com/show_bug.cgi?id=1767317
Bug ID: 1767317 Summary: GPG Verification of Fedora 31 download is not possible Product: Fedora Documentation Version: devel Status: NEW Component: security-guide Assignee: pbokoc@redhat.com Reporter: xwarman@posteo.de QA Contact: docs-qa@lists.fedoraproject.org CC: pkennedy@redhat.com, security-guide-list@redhat.com, sparks@redhat.com, zach@oglesby.co Target Milestone: --- Classification: Fedora
Description of problem: I tried to verify download of FEDORA 31 with GPG as described here: https://getfedora.org/security/ (German Version) If I download GPG Keys, Fedora 31 is not known: "gpg: Schlüssel E08E7E629DB62FB1: "Fedora 28 (28) fedora-28@fedoraproject.org" nicht geändert gpg: Schlüssel A20AA56B429476B4: "Fedora 29 (29) fedora-29@fedoraproject.org" nicht geändert gpg: Schlüssel EF3C111FCFC659B9: "Fedora (30) fedora-30-primary@fedoraproject.org" nicht geändert gpg: Schlüssel 3B49DF2A0608B895: "EPEL (6) epel@fedoraproject.org" nicht geändert gpg: Schlüssel 6A2FAEA2352C64E5: "Fedora EPEL (7) epel@fedoraproject.org" nicht geändert gpg: Schlüssel 7BB90722DBBDCF7C: "Fedora (iot 2019) fedora-iot-2019@fedoraproject.org" nicht geändert gpg: Anzahl insgesamt bearbeiteter Schlüssel: 6"
So, I cannot verify the checksum file: gpg --verify-files Fedora-Workstation-31-1.9-x86_64-CHECKSUM gpg: Signatur vom Fr 25 Okt 2019 15:09:48 CEST gpg: mittels RSA-Schlüssel 50CB390B3C3359C4 gpg: Signatur kann nicht geprüft werden: Kein öffentlicher Schlüssel
Also, if I try to use fingerprint: gpg2 --fingerprint 4096R/3C3359C4 2019-02-18 gpg: error reading key: Kein öffentlicher Schlüssel
Actual results: No pub key for fedora 31 download found.
Expected results: Successful verfification with gpg
Additional info: German language version of documentation
https://bugzilla.redhat.com/show_bug.cgi?id=1767317
--- Comment #1 from Petr Bokoc pbokoc@redhat.com --- Hello, thank you for the report. I just tried (using the English instructions, but the German page shows the same commands), and I get an entry for Fedora 31 now. It's possible that the fedora.gpg file wasn't updated when you tried it; can you please run "curl https://getfedora.org/static/fedora.gpg | gpg --import" again and let me know if it works for you now?
https://bugzilla.redhat.com/show_bug.cgi?id=1767317
xwarman@posteo.de xwarman@posteo.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG Last Closed| |2019-11-02 09:30:01
--- Comment #2 from xwarman@posteo.de xwarman@posteo.de --- Hi @Petr Bokoc, many thanks. It seems, you was right. I was to fast. Keys has not been published, as I tried it. Now, everything is fine:
curl https://getfedora.org/static/fedora.gpg | gpg --import % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 10955 100 10955 0 0 10041 0 0:00:01 0:00:01 --:--:-- 10041 gpg: Schlüssel EF3C111FCFC659B9: "Fedora (30) fedora-30-primary@fedoraproject.org" nicht geändert gpg: Schlüssel 50CB390B3C3359C4: Öffentlicher Schlüssel "Fedora (31) fedora-31-primary@fedoraproject.org" importiert gpg: Schlüssel 6C13026D12C944D0: Öffentlicher Schlüssel "Fedora (32) fedora-32-primary@fedoraproject.org" importiert gpg: Schlüssel 3B49DF2A0608B895: "EPEL (6) epel@fedoraproject.org" nicht geändert gpg: Schlüssel 6A2FAEA2352C64E5: "Fedora EPEL (7) epel@fedoraproject.org" nicht geändert gpg: Schlüssel 21EA45AB2F86D6A1: Öffentlicher Schlüssel "Fedora EPEL (8) epel@fedoraproject.org" importiert gpg: Schlüssel 7BB90722DBBDCF7C: "Fedora (iot 2019) fedora-iot-2019@fedoraproject.org" nicht geändert gpg: Anzahl insgesamt bearbeiteter Schlüssel: 7 gpg: importiert: 3 gpg: unverändert: 4
Thank you!
docs-qa@lists.fedoraproject.org
-
bugzilla@redhat.com