-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Jean-Michel, all,
On 20/08/2014 09:15, Jean-Michel Barbet wrote:
> Performing wlcg-vobox installation on a newly installed SL6 machine, I
> get these worrying messages :
I can (authoritatively ;-) say that the EUGridPMA signing key #3 should
have this fingerprint
pub 1024D/3CDBBC71 2005-07-12
Key fingerprint = D12E 9228 22BE 64D5 0146 188B C32D 99C8 3CDB BC71
uid EUGridPMA Distribution Signing Key 3 <[log in to unmask]>
and if I (from within AS1103 and AS3265) retrieve the EUGridPMA key from
the URL, it looks fine:
date && wget -q -O GPG-KEY-EUGridPMA-RPM-3
http://repository.egi.eu/sw/production/cas/1/GPG-KEY-EUGridPMA-RPM-3 && gpg
- --with-fingerprint GPG-KEY-EUGridPMA-RPM-3
gives:
Wed Aug 20 09:26:06 CEST 2014
pub 1024D/3CDBBC71 2005-07-12 EUGridPMA Distribution Signing Key 3
<[log in to unmask]>
Key fingerprint = D12E 9228 22BE 64D5 0146 188B C32D 99C8 3CDB BC71
but if you did import the key before (this is not a fresh install) AND you
get a key with a different printprint (use the gpg command as above to show
the fingerprint for the keys), that it IS worrysome and your connection is
either corrupt or being spoofed.
For the other keys I'm not authoritative so I cannot give you the
fingerprints.
Cheers,
DavidG.
>
> -------------- warning: rpmts_HdrFromFdno: Header V4 DSA/SHA1 Signature,
> key ID b4d025b3: NOKEY Retrieving key from
> http://emisoft.web.cern.ch/emisoft/dist/EMI/3/RPM-GPG-KEY-emi Importing
> GPG key 0xDF9E12EF: Userid: "Doina Cristina Aiftimiei (EMI Release
> Manager) <[log in to unmask]>" From :
> http://emisoft.web.cern.ch/emisoft/dist/EMI/3/RPM-GPG-KEY-emi Is this ok
> [y/N]: y Retrieving key from
> http://repo-rpm.ige-project.eu/RPM-GPG-KEY-IGE Importing GPG key
> 0xB4D025B3: Userid: "Initiative for Globus in Europe - short (IGE)
> <[log in to unmask]>" From :
> http://repo-rpm.ige-project.eu/RPM-GPG-KEY-IGE Is this ok [y/N]: y
> Retrieving key from
> http://repository.egi.eu/sw/production/umd/UMD-RPM-PGP-KEY Importing GPG
> key 0x96B71B07: Userid: "Kostas Koumantaros (UMD Release Manager)
> <[log in to unmask]>" From :
> http://repository.egi.eu/sw/production/umd/UMD-RPM-PGP-KEY Is this ok
> [y/N]: y warning: rpmts_HdrFromFdno: Header V3 DSA/SHA1 Signature, key ID
> 3cdbbc71: NOKEY Retrieving key from
> http://repository.egi.eu/sw/production/cas/1/GPG-KEY-EUGridPMA-RPM-3
> Importing GPG key 0x3CDBBC71: Userid: "EUGridPMA Distribution Signing Key
> 3 <[log in to unmask]>" From :
> http://repository.egi.eu/sw/production/cas/1/GPG-KEY-EUGridPMA-RPM-3 Is
> this ok [y/N]: y warning: rpmts_HdrFromFdno: Header V3 DSA/SHA1
> Signature, key ID 240a5db2: NOKEY Retrieving key from
> http://emisoft.web.cern.ch/emisoft/dist/EMI/3/RPM-GPG-KEY-emi Retrieving
> key from http://repo-rpm.ige-project.eu/RPM-GPG-KEY-IGE Retrieving key
> from http://repository.egi.eu/sw/production/umd/UMD-RPM-PGP-KEY
>
>
> The GPG keys listed for the "UMD 3 updates (SL6)" repository are already
> installed but they are not correct for this package. Check that the
> correct key URLs are configured for this repository. --------------
>
> => What does this mean, should I be worried and how to correct this ?
>
> Thank you
>
> JM
>
>
>
- --
David Groep
** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group **
** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlP0Th0ACgkQcnpzXG8phBhDGQCfSWnDsoJQ33z2O4VYXStXwkh6
a9oAnRwi1L8Zt9smv1y3d2g6B8CqdWPq
=Qu8W
-----END PGP SIGNATURE-----
|