Hi!
Thanks for building an excellent Linux distro that I have been using for about 16 versions now :-)
In trying to upgrade my Fedora 29 to Fedora 30, using the instructions listed on this page : https://fedoraproject.org/wiki/DNF_system_upgrade , I was prompted to verify trust in the RPM signing keys.
Fedora Modular 30 - x86_64 1.6 MB/s | 1.6 kB 00:00 Importing GPG key 0xCFC659B9: Userid : "Fedora (30) fedora-30-primary@fedoraproject.org" Fingerprint: F1D8 EC98 F241 AAF2 0DF6 9420 EF3C 111F CFC6 59B9 From : /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-30-x86_64 Is this ok [y/N]:
When I searched for the fingerprint to verify it (which I like to do so that I can trust the keys atleast as much as I trust the TLS certificate) , my first result was for the page https://getfedora.org/keys/ . However clicking on that link now gives me a 404. I ended up using a version of the page cached by the search engine to verify the keys.
Has something else replaced the page? Or maybe was it inadvertently not published?
Thanks Ravi
Hi,
raviprakash06 wrote:
In trying to upgrade my Fedora 29 to Fedora 30, using the instructions listed on this page : https://fedoraproject.org/wiki/DNF_system_upgrade , I was prompted to verify trust in the RPM signing keys.
...
When I searched for the fingerprint to verify it (which I like to do so that I can trust the keys atleast as much as I trust the TLS certificate) , my first result was for the page https://getfedora.org/keys/ . However clicking on that link now gives me a 404. I ended up using a version of the page cached by the search engine to verify the keys.
Has something else replaced the page? Or maybe was it inadvertently not published?
It looks like the site was recently updated and some things moved around. I think the keys are now here:
https://getfedora.org/en/security/
(which is hopefully also translated to many other languages.)
It might be worth mentioning this to the websites team¹. Perhaps a redirect would be good to put in place from the previous /keys/ location to the current page.
¹ https://pagure.io/fedora-web/websites/
Hi,
I wrote:
raviprakash06 wrote:
When I searched for the fingerprint to verify it (which I like to do so that I can trust the keys atleast as much as I trust the TLS certificate) , my first result was for the page https://getfedora.org/keys/ . However clicking on that link now gives me a 404.
...
It looks like the site was recently updated and some things moved around. I think the keys are now here:
https://getfedora.org/en/security/(which is hopefully also translated to many other languages.)
It might be worth mentioning this to the websites team¹. Perhaps a redirect would be good to put in place from the previous /keys/ location to the current page.
Someone filed a ticket in bugzilla yesterday about a related problem (the fedora.gpg file was also 404):
https://bugzilla.redhat.com/1709689
That issue is resolved. A redirect may be added from /keys as well, to make the transistion easier for future users who run into it.
Should this page also be monitored by https://status.fedoraproject.org/?
On 5/17/19 7:50 AM, John Florian wrote:
Should this page also be monitored by https://status.fedoraproject.org/?
https://fedorastatus.org has no monitoring ability, it is manually updated when we know there is a problem or outage.
We do have a nagios server, but not sure monitoring this page specifically is worth while. It changes rarely, and this was simply a issue with the websites re-write.
kevin
Just checked the link, and it shows that it is using a security certificate that is only for redhat.com sites? Had to add an exception to have it load.
Not sure why it is being done manually. Before I retired, had a little php script that would update automatically, but it was just checking if connections could be made to various servers, and would send emails when things changed. Looked at the source of the page, but doesn't seem to show what the sites are for checking.
On 18 May 2019 at 16:49, Kevin Fenzi wrote:
Subject: Re: getfedora.org/keys 404 To: users@lists.fedoraproject.org From: Kevin Fenzi kevin@scrye.com Date sent: Sat, 18 May 2019 16:49:22 -0700 Send reply to: Community support for Fedora users users@lists.fedoraproject.org
On 5/17/19 7:50 AM, John Florian wrote:
Should this page also be monitored by https://status.fedoraproject.org/?
https://fedorastatus.org has no monitoring ability, it is manually updated when we know there is a problem or outage.
We do have a nagios server, but not sure monitoring this page specifically is worth while. It changes rarely, and this was simply a issue with the websites re-write.
kevin
+------------------------------------------------------------+ Michael D. Setzer II - Computer Science Instructor (Retired) mailto:mikes@guam.net mailto:msetzerii@gmail.com Guam - Where America's Day Begins G4L Disk Imaging Project maintainer http://sourceforge.net/projects/g4l/ +------------------------------------------------------------+
http://setiathome.berkeley.edu (Original) Number of Seti Units Returned: 19,471 Processing time: 32 years, 290 days, 12 hours, 58 minutes (Total Hours: 287,489)
BOINC@HOME CREDITS
ROSETTA 66311323.990119 | ABC 16613838.513356 SETI 109804121.703177 | EINSTEIN 141859222.999240
On 5/19/19 12:08 AM, Michael D. Setzer II wrote:
Just checked the link, and it shows that it is using a security certificate that is only for redhat.com sites? Had to add an exception to have it load.
Sorry, should be: https://www.fedorastatus.org/
Not sure why it is being done manually. Before I retired, had a little php script that would update automatically, but it was just checking if connections could be made to various servers, and would send emails when things changed. Looked at the source of the page, but doesn't seem to show what the sites are for checking.
Well, that's not the intent of that site. It's so that if folks see a problem, they can look and know if it's known/reported already/being worked on or not.
For monitoring we have a nagios setup. If it alerts we can decide if there is need to update status, just fix the issue or know that it won't directly impact anyone.
kevin --
On 18 May 2019 at 16:49, Kevin Fenzi wrote:
Subject: Re: getfedora.org/keys 404 To: users@lists.fedoraproject.org From: Kevin Fenzi kevin@scrye.com Date sent: Sat, 18 May 2019 16:49:22 -0700 Send reply to: Community support for Fedora users users@lists.fedoraproject.org
On 5/17/19 7:50 AM, John Florian wrote:
Should this page also be monitored by https://status.fedoraproject.org/?
https://fedorastatus.org has no monitoring ability, it is manually updated when we know there is a problem or outage.
We do have a nagios server, but not sure monitoring this page specifically is worth while. It changes rarely, and this was simply a issue with the websites re-write.
kevin
+------------------------------------------------------------+ Michael D. Setzer II - Computer Science Instructor (Retired) mailto:mikes@guam.net mailto:msetzerii@gmail.com Guam - Where America's Day Begins G4L Disk Imaging Project maintainer http://sourceforge.net/projects/g4l/ +------------------------------------------------------------+
http://setiathome.berkeley.edu (Original) Number of Seti Units Returned: 19,471 Processing time: 32 years, 290 days, 12 hours, 58 minutes (Total Hours: 287,489)
BOINC@HOME CREDITS
ROSETTA 66311323.990119 | ABC 16613838.513356 SETI 109804121.703177 | EINSTEIN 141859222.999240
-
John Florian -
Kevin Fenzi -
Michael D. Setzer II -
raviprakash06 -
Todd Zullinger