Cannot receive keys to verify the sha256sums file

babadoo · August 1, 2022, 10:41pm

Following the instructions here

I try to receive keys per Linux

Import GPG public key
gpg --receive-keys 88CA59E88F681580

but when I run it I get the following

gpg --receive-keys 88CA59E88F681580
gpg: key 88CA59E88F681580: new key but contains no user ID - skipped
gpg: Total number processed: 1
gpg: w/o user IDs: 1

Using GPG version 2.2.19

mbo2o · August 1, 2022, 10:50pm

https://super-unix.com/superuser/gpg-cant-import-key-new-key-but-contains-no-user-id-skipped/

babadoo · August 1, 2022, 11:05pm

Thanks very much for your reply. I am not sure how to implement the answer though:

Try to download the key from elsewhere, such as --keyserver hkps://keyserver.ubuntu.com

does that mean I add the argument --keyserver hkps://keyserver.ubuntu.com?
as in

gpg --keyserver hkps://keyserver.ubuntu.com --receive-keys 88CA59E88F681580

mbo2o · August 2, 2022, 12:25am

I assume yes.

spence · August 2, 2022, 8:37pm

In reply to:

I'm not a gpg expert by any means but It is my understanding that in general the public key server system has been ruined and it is generally advised to get keys by other means. Without going into trustworthiness of key sources, you can get the public signing key files from the OpenWrt website and --install them rather than doing --receive-keys. Maybe that OpenWrt guide needs to be updated or I am unaware of a keyserver to point to.

As also linked to in the above referenced OpenWrt guide, the signing keys for OpenWrt builds are available at https://openwrt.org/docs/guide-user/security/signatures Note the different signing keys for each build version.

It looks like you are trying to install the key for the 21.02 release builds so find that section on that web page and click the download link to fetch the signature .asc file https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/88CA59E8.asc
install it with
gpg --import ~/path/to/file/gpg_88CA59E8.asc
You can check it with
gpg --list-keys --fingerprint 88CA59E88F681580

Here is the output of doing same on my computer:

$ gpg --import ~/gpg_88CA59E8.asc
gpg: key 88CA59E88F681580: public key "OpenWrt Build System (PGP key for 21.02 release builds) <pgpsign-21.02@openwrt.org>" imported
gpg: Total number processed: 1
gpg:               imported: 1
$
$ gpg --list-keys --fingerprint 88CA59E88F681580
pub   rsa4096 2021-02-20 [SC] [expires: 2023-02-20]
      6672 05E3 79BA F348 863A  5C66 88CA 59E8 8F68 1580
uid           [ unknown] OpenWrt Build System (PGP key for 21.02 release builds) <pgpsign-21.02@openwrt.org>
sub   rsa4096 2021-02-20 [E] [expires: 2023-02-20]
$

EDIT: I also verified the sha256sums file per the guide and it passed.

system · August 17, 2022, 2:54pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.