CommunityCellularManager
CommunityCellularManager copied to clipboard
facebookarchive
etagecom.io repsitories signed with sha1
Hello! Starting in apt version 1.4 gpg certificates using sha1 as the digest algorithm have been disabled (see this blogpost https://juliank.wordpress.com/2016/03/14/dropping-sha-1-support-in-apt/). This impacts debian9 and ubuntu 16.04 or later. It looks like the repository maintainers need to re-generate the repository signing keys using a modern digest algorithm (https://unix.stackexchange.com/questions/387053/debian-9-apt-and-gpg-error-inrelease-the-following-signatures-were-inva). I originally found this issue working to deploy a community cellular manager osomocom client onto a debian9 machine. Let me know if there is any more info I can provide. Cheers, -Matt J.
apt-get update errors:
W: GPG error: http://repo.endaga.com dev Release: The following signatures were invalid: 916E6D307A1F68A97BE79BA8982FB270664644E6
E: The repository 'http://repo.endaga.com dev Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://repo.etagecom.io dev Release: The following signatures were invalid: FDA0AA1640DB1B4741F0135FF1757AA7673FFA94
E: The repository 'http://repo.etagecom.io dev Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://repo.etagecom.io test Release: The following signatures were invalid: FDA0AA1640DB1B4741F0135FF1757AA7673FFA94
E: The repository 'http://repo.etagecom.io test Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://repo.etagecom.io beta Release: The following signatures were invalid: FDA0AA1640DB1B4741F0135FF1757AA7673FFA94
E: The repository 'http://repo.etagecom.io beta Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://repo.etagecom.io stable Release: The following signatures were invalid: FDA0AA1640DB1B4741F0135FF1757AA7673FFA94
E: The repository 'http://repo.etagecom.io stable Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
pgpdump of downloaded etagecom.io public key showing SHA1 as the digest:
vagrant@endaga-client-osmocom:~$ pgpdump pubkey.gpg
Old: Public Key Packet(tag 6)(525 bytes)
Ver 4 - new
Public key creation time - Sat Dec 5 21:14:07 GMT 2015
Pub alg - RSA Encrypt or Sign(pub 1)
RSA n(4096 bits) - ...
RSA e(17 bits) - ...
Old: User ID Packet(tag 13)(35 bytes)
User ID - Package Repo <[email protected]>
Old: Signature Packet(tag 2)(568 bytes)
Ver 4 - new
Sig type - Positive certification of a User ID and Public Key packet(0x13).
Pub alg - RSA Encrypt or Sign(pub 1)
Hash alg - SHA1(hash 2)
Hashed Sub: signature creation time(sub 2)(4 bytes)
Time - Sat Dec 5 21:14:07 GMT 2015
...
Doesn't @kheimerl have access to the endaga.com repo? I think he and @shaddi are the repo maintainers.
Yes I can update the endaga one, not the etage one.
On Tue, Jan 16, 2018 at 1:14 PM, Steve Muir [email protected] wrote:
Doesn't @kheimerl https://github.com/kheimerl have access to the endaga.com repo? I think he and @shaddi https://github.com/shaddi are the repo maintainers.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/facebookincubator/CommunityCellularManager/issues/91#issuecomment-358107930, or mute the thread https://github.com/notifications/unsubscribe-auth/AA_rnziD5fDCPUEd0cTLEfq2yNeAdZlUks5tLREqgaJpZM4RbrY8 .
