Opened 3 months ago

Closed 3 months ago

#26027 closed defect (invalid)

Installation issues

Reported by: lili Owned by:
Priority: High Milestone:
Component: Applications Version:
Severity: Major Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Installation of NYX (on Arch)
% wget https://aur.archlinux.org/cgit/aur.git/snapshot/nyx.tar.gz
% tar -xvf nyx.tar.gz
% cd nyx; makepkg --install

last step gives error:
verifying source file signatures with gpg...

nyx-2.0.4.tar.gz ... FAILED (unknown public key 888404C187F30690)

==> ERROR: One or more PGP signatures could not be verified!

The same thing happens, during the same step (makepkg) if I use the source repository (tried both the one on your site and the arch aur one)

Child Tickets

Change History (2)

comment:1 Changed 3 months ago by atagar

Hi lili. Alex maintains Nyx for ArchLinux (I don't know much about it), but I took a quick peek around. The AUR signature [1] is the same as the one I uploaded to PyPI. So it should be verifiable with my key [3]. Trouble is that 888404C187F30690 looks to be the wrong key. On first glance not sure who's it is.

[1] https://aur.archlinux.org/packages/nyx/
[2] https://pypi.org/project/Nyx/
[3] https://www.atagar.com/pgp.php

comment:2 in reply to:  1 Changed 3 months ago by gk

Keywords: nyx installation removed
Milestone: Tor: unspecified
Resolution: invalid
Status: newclosed
Version: Tor: unspecified

Replying to atagar:

Hi lili. Alex maintains Nyx for ArchLinux (I don't know much about it), but I took a quick peek around. The AUR signature [1] is the same as the one I uploaded to PyPI. So it should be verifiable with my key [3]. Trouble is that 888404C187F30690 looks to be the wrong key. On first glance not sure who's it is.

Seems it is your signing subkey bound to 0x0445B7AB9ABBEEC6, no?

I guess this issue could easily be fixed by importing that key first. At any rate, this is not an applications bug.

Note: See TracTickets for help on using tickets.