weloki
2012-Mar-21 21:55 UTC
[Puppet Users] Help importing public key to verify Puppet release
I''m running Ubuntu server 10.04 LTS and the public repo housing Puppet is currently at 0.25.4-2ubuntu6.6. I want to run Puppet 2.7.12 but I''m experiencing the following issues: apt-get update throws this message... W: GPG error: http://apt.puppetlabs.com lucid Release: The following signatures couldn''t be verified because the public key is not available: NO_PUBKEY 1054B7A24BD6EC30 This is what I see when I follow the directions to import the release signing key (at http://projects.puppetlabs.com/projects/1/wiki/Downloading_Puppet#Verifying+Puppet+Downloads): gpg --recv-key 4BD6EC30 gpg: no keyserver known (use option --keyserver) gpg: keyserver receive failed: bad URI And trying this... apt-key adv --keyserver keyserver.ubuntu.com --recv 4BD6EC30 or apt-key adv --keyserver apt.puppetlabs.com --recv 4BD6EC30 yields: Executing: gpg --ignore-time-conflict --no-options --no-default- keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/ trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/ trusted.gpg --keyserver keyserver.ubuntu.com --recv 4BD6EC30 gpg: requesting key 4BD6EC30 from hkp server keyserver.ubuntu.com gpgkeys: HTTP fetch error 7: couldn''t connect to host gpg: no valid OpenPGP data found. gpg: Total number processed: 0 Also, in Landscape, I see these hosts with package reporting issues - the package reporter error: error: Channel ''lucid - main'' signed with unknown key -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Nan Liu
2012-Mar-21 22:50 UTC
Re: [Puppet Users] Help importing public key to verify Puppet release
On Wed, Mar 21, 2012 at 2:55 PM, weloki <weloki@gmail.com> wrote:> I''m running Ubuntu server 10.04 LTS and the public repo housing Puppet > is currently at 0.25.4-2ubuntu6.6. I want to run Puppet 2.7.12 but I''m > experiencing the following issues: > > apt-get update throws this message... > W: GPG error: http://apt.puppetlabs.com lucid Release: The following > signatures couldn''t be verified because the public key is not > available: NO_PUBKEY 1054B7A24BD6EC30 > > > This is what I see when I follow the directions to import the release > signing key (at http://projects.puppetlabs.com/projects/1/wiki/Downloading_Puppet#Verifying+Puppet+Downloads): > > gpg --recv-key 4BD6EC30 > gpg: no keyserver known (use option --keyserver) > gpg: keyserver receive failed: bad URI > > > And trying this... > > apt-key adv --keyserver keyserver.ubuntu.com --recv 4BD6EC30 > or > apt-key adv --keyserver apt.puppetlabs.com --recv 4BD6EC30 > > yields: > > Executing: gpg --ignore-time-conflict --no-options --no-default- > keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/ > trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/ > trusted.gpg --keyserver keyserver.ubuntu.com --recv 4BD6EC30 > gpg: requesting key 4BD6EC30 from hkp server keyserver.ubuntu.com > gpgkeys: HTTP fetch error 7: couldn''t connect to host > gpg: no valid OpenPGP data found. > gpg: Total number processed: 0 > > > Also, in Landscape, I see these hosts with package reporting issues - > the package reporter error: > > error: Channel ''lucid - main'' signed with unknown keyThis is the line in cloud provisioner that does the key verification: # Download and install the puppetlabs apt public apt-key adv --recv-key --keyserver pool.sks-keyservers.net 4BD6EC30 Thanks, Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
weloki
2012-Mar-22 15:37 UTC
[Puppet Users] Re: Help importing public key to verify Puppet release
I''ve tried that and I still get: Executing: gpg --ignore-time-conflict --no-options --no-default- keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/ trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/ trusted.gpg --recv-key --keyserver pool.sks-keyservers.net 4BD6EC30 gpg: requesting key 4BD6EC30 from hkp server pool.sks-keyservers.net gpgkeys: HTTP fetch error 7: couldn''t connect to host gpg: no valid OpenPGP data found. gpg: Total number processed: 0 On Mar 21, 6:50 pm, Nan Liu <n...@puppetlabs.com> wrote:> On Wed, Mar 21, 2012 at 2:55 PM, weloki <wel...@gmail.com> wrote: > > I''m running Ubuntu server 10.04 LTS and the public repo housing Puppet > > is currently at 0.25.4-2ubuntu6.6. I want to run Puppet 2.7.12 but I''m > > experiencing the following issues: > > > apt-get update throws this message... > > W: GPG error:http://apt.puppetlabs.comlucid Release: The following > > signatures couldn''t be verified because the public key is not > > available: NO_PUBKEY 1054B7A24BD6EC30 > > > This is what I see when I follow the directions to import the release > > signing key (athttp://projects.puppetlabs.com/projects/1/wiki/Downloading_Puppet#Ver... > > > gpg --recv-key 4BD6EC30 > > gpg: no keyserver known (use option --keyserver) > > gpg: keyserver receive failed: bad URI > > > And trying this... > > > apt-key adv --keyserver keyserver.ubuntu.com --recv 4BD6EC30 > > or > > apt-key adv --keyserver apt.puppetlabs.com --recv 4BD6EC30 > > > yields: > > > Executing: gpg --ignore-time-conflict --no-options --no-default- > > keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/ > > trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/ > > trusted.gpg --keyserver keyserver.ubuntu.com --recv 4BD6EC30 > > gpg: requesting key 4BD6EC30 from hkp server keyserver.ubuntu.com > > gpgkeys: HTTP fetch error 7: couldn''t connect to host > > gpg: no valid OpenPGP data found. > > gpg: Total number processed: 0 > > > Also, in Landscape, I see these hosts with package reporting issues - > > the package reporter error: > > > error: Channel ''lucid - main'' signed with unknown key > > This is the line in cloud provisioner that does the key verification: > > # Download and install the puppetlabs apt public > apt-key adv --recv-key --keyserver pool.sks-keyservers.net 4BD6EC30 > > Thanks, > > Nan-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Nan Liu
2012-Mar-22 16:38 UTC
Re: [Puppet Users] Re: Help importing public key to verify Puppet release
On Thu, Mar 22, 2012 at 8:37 AM, weloki <weloki@gmail.com> wrote:> I''ve tried that and I still get: > > Executing: gpg --ignore-time-conflict --no-options --no-default- > keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/ > trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/ > trusted.gpg --recv-key --keyserver pool.sks-keyservers.net 4BD6EC30 > gpg: requesting key 4BD6EC30 from hkp server pool.sks-keyservers.net > gpgkeys: HTTP fetch error 7: couldn''t connect to host > gpg: no valid OpenPGP data found. > gpg: Total number processed: 0 > > > On Mar 21, 6:50 pm, Nan Liu <n...@puppetlabs.com> wrote: >> On Wed, Mar 21, 2012 at 2:55 PM, weloki <wel...@gmail.com> wrote: >> > I''m running Ubuntu server 10.04 LTS and the public repo housing Puppet >> > is currently at 0.25.4-2ubuntu6.6. I want to run Puppet 2.7.12 but I''m >> > experiencing the following issues: >> >> > apt-get update throws this message... >> > W: GPG error:http://apt.puppetlabs.comlucid Release: The following >> > signatures couldn''t be verified because the public key is not >> > available: NO_PUBKEY 1054B7A24BD6EC30 >> >> > This is what I see when I follow the directions to import the release >> > signing key (athttp://projects.puppetlabs.com/projects/1/wiki/Downloading_Puppet#Ver... >> >> > gpg --recv-key 4BD6EC30 >> > gpg: no keyserver known (use option --keyserver) >> > gpg: keyserver receive failed: bad URI >> >> > And trying this... >> >> > apt-key adv --keyserver keyserver.ubuntu.com --recv 4BD6EC30 >> > or >> > apt-key adv --keyserver apt.puppetlabs.com --recv 4BD6EC30 >> >> > yields: >> >> > Executing: gpg --ignore-time-conflict --no-options --no-default- >> > keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/ >> > trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/ >> > trusted.gpg --keyserver keyserver.ubuntu.com --recv 4BD6EC30 >> > gpg: requesting key 4BD6EC30 from hkp server keyserver.ubuntu.com >> > gpgkeys: HTTP fetch error 7: couldn''t connect to host >> > gpg: no valid OpenPGP data found. >> > gpg: Total number processed: 0 >> >> > Also, in Landscape, I see these hosts with package reporting issues - >> > the package reporter error: >> >> > error: Channel ''lucid - main'' signed with unknown key >> >> This is the line in cloud provisioner that does the key verification: >> >> # Download and install the puppetlabs apt public >> apt-key adv --recv-key --keyserver pool.sks-keyservers.net 4BD6EC30 >>Can you reach the key server? Do you have a proxy or firewall in between? What does the following command return? curl keyserver.ubuntu.com curl pool.sks-keyservers.net Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
weloki
2012-Mar-22 21:23 UTC
[Puppet Users] Re: Help importing public key to verify Puppet release
I do not have a proxy or firewall in between.
Doing the curl command for the first keyserver returns to me the html
of the welcome page containing this markup...
<h1> SKS OpenPGP Keyserver <br> @keyserver.ubuntu.com</h1>
The second one gives me the html containing...
<h1>Forbidden</h1>
<p>You don''t have permission to access /
on this server.</p>
Also, when I try to submit a query to extract a key over the web at
http://keyserver.ubuntu.com I see this error in my browser:
Unable to connect.
Firefox can''t establish a connection to the server at
keyserver.ubuntu.com:11371
On Mar 22, 12:38 pm, Nan Liu <n...@puppetlabs.com>
wrote:> On Thu, Mar 22, 2012 at 8:37 AM, weloki <wel...@gmail.com> wrote:
> > I''ve tried that and I still get:
>
> > Executing: gpg --ignore-time-conflict --no-options --no-default-
> > keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/
> > trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/
> > trusted.gpg --recv-key --keyserver pool.sks-keyservers.net 4BD6EC30
> > gpg: requesting key 4BD6EC30 from hkp server pool.sks-keyservers.net
> > gpgkeys: HTTP fetch error 7: couldn''t connect to host
> > gpg: no valid OpenPGP data found.
> > gpg: Total number processed: 0
>
> > On Mar 21, 6:50 pm, Nan Liu <n...@puppetlabs.com> wrote:
> >> On Wed, Mar 21, 2012 at 2:55 PM, weloki <wel...@gmail.com>
wrote:
> >> > I''m running Ubuntu server 10.04 LTS and the public
repo housing Puppet
> >> > is currently at 0.25.4-2ubuntu6.6. I want to run Puppet
2.7.12 but I''m
> >> > experiencing the following issues:
>
> >> > apt-get update throws this message...
> >> > W: GPG error:http://apt.puppetlabs.comlucidRelease: The
following
> >> > signatures couldn''t be verified because the public
key is not
> >> > available: NO_PUBKEY 1054B7A24BD6EC30
>
> >> > This is what I see when I follow the directions to import the
release
> >> > signing key
(athttp://projects.puppetlabs.com/projects/1/wiki/Downloading_Puppet#Ver...
>
> >> > gpg --recv-key 4BD6EC30
> >> > gpg: no keyserver known (use option --keyserver)
> >> > gpg: keyserver receive failed: bad URI
>
> >> > And trying this...
>
> >> > apt-key adv --keyserver keyserver.ubuntu.com --recv 4BD6EC30
> >> > or
> >> > apt-key adv --keyserver apt.puppetlabs.com --recv 4BD6EC30
>
> >> > yields:
>
> >> > Executing: gpg --ignore-time-conflict --no-options
--no-default-
> >> > keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name
/etc/apt/
> >> > trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring
/etc/apt/
> >> > trusted.gpg --keyserver keyserver.ubuntu.com --recv 4BD6EC30
> >> > gpg: requesting key 4BD6EC30 from hkp server
keyserver.ubuntu.com
> >> > gpgkeys: HTTP fetch error 7: couldn''t connect to
host
> >> > gpg: no valid OpenPGP data found.
> >> > gpg: Total number processed: 0
>
> >> > Also, in Landscape, I see these hosts with package reporting
issues -
> >> > the package reporter error:
>
> >> > error: Channel ''lucid - main'' signed with
unknown key
>
> >> This is the line in cloud provisioner that does the key
verification:
>
> >> # Download and install the puppetlabs apt public
> >> apt-key adv --recv-key --keyserver pool.sks-keyservers.net
4BD6EC30
>
> Can you reach the key server? Do you have a proxy or firewall in
> between? What does the following command return?
>
> curl keyserver.ubuntu.com
> curl pool.sks-keyservers.net
>
> Nan
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
weloki
2012-Apr-20 17:10 UTC
[Puppet Users] Re: Help importing public key to verify Puppet release
Solved. My workaround included manually downloading, importing and adding they key to my keyring with the following set of commands: wget http://apt.puppetlabs.com/pubkey.gpg gpg --import pubkey.gpg gpg -a --export 4BD6EC30 | apt-key add - On Mar 22, 5:23 pm, weloki <wel...@gmail.com> wrote:> I do not have a proxy or firewall in between. > Doing the curl command for the first keyserver returns to me the html > of the welcome page containing this markup... > > <h1> SKS OpenPGP Keyserver <br> @keyserver.ubuntu.com</h1> > > The second one gives me the html containing... > > <h1>Forbidden</h1> > <p>You don''t have permission to access / > on this server.</p> > > Also, when I try to submit a query to extract a key over the web athttp://keyserver.ubuntu.comI see this error in my browser: > > Unable to connect. > Firefox can''t establish a connection to the server at > keyserver.ubuntu.com:11371 > > On Mar 22, 12:38 pm, Nan Liu <n...@puppetlabs.com> wrote: > > > > > > > > > On Thu, Mar 22, 2012 at 8:37 AM, weloki <wel...@gmail.com> wrote: > > > I''ve tried that and I still get: > > > > Executing: gpg --ignore-time-conflict --no-options --no-default- > > > keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/ > > > trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/ > > > trusted.gpg --recv-key --keyserver pool.sks-keyservers.net 4BD6EC30 > > > gpg: requesting key 4BD6EC30 from hkp server pool.sks-keyservers.net > > > gpgkeys: HTTP fetch error 7: couldn''t connect to host > > > gpg: no valid OpenPGP data found. > > > gpg: Total number processed: 0 > > > > On Mar 21, 6:50 pm, Nan Liu <n...@puppetlabs.com> wrote: > > >> On Wed, Mar 21, 2012 at 2:55 PM, weloki <wel...@gmail.com> wrote: > > >> > I''m running Ubuntu server 10.04 LTS and the public repo housing Puppet > > >> > is currently at 0.25.4-2ubuntu6.6. I want to run Puppet 2.7.12 but I''m > > >> > experiencing the following issues: > > > >> > apt-get update throws this message... > > >> > W: GPG error:http://apt.puppetlabs.comlucidRelease:The following > > >> > signatures couldn''t be verified because the public key is not > > >> > available: NO_PUBKEY 1054B7A24BD6EC30 > > > >> > This is what I see when I follow the directions to import the release > > >> > signing key (athttp://projects.puppetlabs.com/projects/1/wiki/Downloading_Puppet#Ver... > > > >> > gpg --recv-key 4BD6EC30 > > >> > gpg: no keyserver known (use option --keyserver) > > >> > gpg: keyserver receive failed: bad URI > > > >> > And trying this... > > > >> > apt-key adv --keyserver keyserver.ubuntu.com --recv 4BD6EC30 > > >> > or > > >> > apt-key adv --keyserver apt.puppetlabs.com --recv 4BD6EC30 > > > >> > yields: > > > >> > Executing: gpg --ignore-time-conflict --no-options --no-default- > > >> > keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/ > > >> > trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/ > > >> > trusted.gpg --keyserver keyserver.ubuntu.com --recv 4BD6EC30 > > >> > gpg: requesting key 4BD6EC30 from hkp server keyserver.ubuntu.com > > >> > gpgkeys: HTTP fetch error 7: couldn''t connect to host > > >> > gpg: no valid OpenPGP data found. > > >> > gpg: Total number processed: 0 > > > >> > Also, in Landscape, I see these hosts with package reporting issues - > > >> > the package reporter error: > > > >> > error: Channel ''lucid - main'' signed with unknown key > > > >> This is the line in cloud provisioner that does the key verification: > > > >> # Download and install the puppetlabs apt public > > >> apt-key adv --recv-key --keyserver pool.sks-keyservers.net 4BD6EC30 > > > Can you reach the key server? Do you have a proxy or firewall in > > between? What does the following command return? > > > curl keyserver.ubuntu.com > > curl pool.sks-keyservers.net > > > Nan-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.