Mailing List Archive

Thu, Mar 22, 2018 at 01:46:09PM -0400, Lee:
> On 3/22/18, heasley <heas@shrubbery.net> wrote:
> > Thu, Mar 22, 2018 at 04:02:43PM +0000, Lauri Haveri:
> >> Hello again and thanks for the answers!
> >>
> >> My device happens to be SRX100b and version of the Rancid is 3.3.
> >>
> >> I got from “apt-get install rancid cvs”
> >
> > Please install rancid 3/7. It is available here:
> > ftp://ftp.shrubbery.net/pub/ranciD
>
> Which has a detached sig -- thank you!! But what key was used for signing?

mine

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

On 3/22/18, heasley <heas@shrubbery.net> wrote:
> Thu, Mar 22, 2018 at 01:46:09PM -0400, Lee:
>> On 3/22/18, heasley <heas@shrubbery.net> wrote:
>> > Thu, Mar 22, 2018 at 04:02:43PM +0000, Lauri Haveri:
>> >> Hello again and thanks for the answers!
>> >>
>> >> My device happens to be SRX100b and version of the Rancid is 3.3.
>> >>
>> >> I got from “apt-get install rancid cvs”
>> >
>> > Please install rancid 3/7. It is available here:
>> > ftp://ftp.shrubbery.net/pub/ranciD
>>
>> Which has a detached sig -- thank you!! But what key was used for
>> signing?
>
> mine

touché

I don't have your key, so verifying the fingerprint would be nice; a
file I can gpg --import even better

Thanks
Lee

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

gpg --search-keys heas@shrubbery.net

-Sent from my Pip-Boy 3000

> On Mar 22, 2018, at 11:07 AM, Lee <ler762@gmail.com> wrote:
>
>> On 3/22/18, heasley <heas@shrubbery.net> wrote:
>> Thu, Mar 22, 2018 at 01:46:09PM -0400, Lee:
>>>> On 3/22/18, heasley <heas@shrubbery.net> wrote:
>>>> Thu, Mar 22, 2018 at 04:02:43PM +0000, Lauri Haveri:
>>>>> Hello again and thanks for the answers!
>>>>>
>>>>> My device happens to be SRX100b and version of the Rancid is 3.3.
>>>>>
>>>>> I got from “apt-get install rancid cvs”
>>>>
>>>> Please install rancid 3/7. It is available here:
>>>> ftp://ftp.shrubbery.net/pub/ranciD
>>>
>>> Which has a detached sig -- thank you!! But what key was used for
>>> signing?
>>
>> mine
>
> touché
>
> I don't have your key, so verifying the fingerprint would be nice; a
> file I can gpg --import even better
>
> Thanks
> Lee
>
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss@shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

On 3/22/18, Boheme <boheme@gmail.com> wrote:
> gpg --search-keys heas@shrubbery.net

Thanks, but that's not the positive ack I'm looking for.

Maybe he did use a key created in 1996 & maybe that really is his key,
but I'd rather get the fingerprint from him instead of just searching
for a key that works.

$ gpg --verify rancid-3.7.tar.gz.sig rancid-3.7.tar.gz
gpg: Signature made Wed, Mar 7, 2018 7:32:42 PM EST
gpg: using RSA key 0x4B2BDD527A774C09
gpg: Can't check signature: public key not found

$ gpg --search-keys heas@shrubbery.net
gpg: searching for "heas@shrubbery.net" from hkps server
hkps.pool.sks-keyservers.net
(1) John Heasley <heas@shrubbery.net>
2048 bit RSA key 0xFC860A57C2B34FCB, created: 2015-07-06
(2) John Heasley <heas@shrubbery.net>
2048 bit DSA key 0x4472A69EB6650559, created: 2015-04-23
(3) John Heasley <heas@shrubbery.net>
1024 bit RSA key 0x0A5CE6407A774C09, created: 2014-06-16 (revoked)
(4) John Heasley <heas@shrubbery.net>
1024 bit RSA key 0x4B2BDD527A774C09, created: 1996-12-20
Keys 1-4 of 4 for "heas@shrubbery.net". Enter number(s), N)ext, or Q)uit > q



>> On Mar 22, 2018, at 11:07 AM, Lee <ler762@gmail.com> wrote:
>>
>>> On 3/22/18, heasley <heas@shrubbery.net> wrote:
>>> Thu, Mar 22, 2018 at 01:46:09PM -0400, Lee:
>>>>> On 3/22/18, heasley <heas@shrubbery.net> wrote:
>>>>> Thu, Mar 22, 2018 at 04:02:43PM +0000, Lauri Haveri:
>>>>>> Hello again and thanks for the answers!
>>>>>>
>>>>>> My device happens to be SRX100b and version of the Rancid is 3.3.
>>>>>>
>>>>>> I got from “apt-get install rancid cvs”
>>>>>
>>>>> Please install rancid 3/7. It is available here:
>>>>> ftp://ftp.shrubbery.net/pub/ranciD
>>>>
>>>> Which has a detached sig -- thank you!! But what key was used for
>>>> signing?
>>>
>>> mine
>>
>> touché
>>
>> I don't have your key, so verifying the fingerprint would be nice; a
>> file I can gpg --import even better
>>
>> Thanks
>> Lee

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss

Thu, Mar 22, 2018 at 04:13:35PM -0400, Lee:
> On 3/22/18, Boheme <boheme@gmail.com> wrote:
> > gpg --search-keys heas@shrubbery.net
>
> Thanks, but that's not the positive ack I'm looking for.
>
> Maybe he did use a key created in 1996 & maybe that really is his key,
> but I'd rather get the fingerprint from him instead of just searching
> for a key that works.

i hadnt noticed that it was using the old key; the tool behavior changed
and i didnt notice. future sigs will use the more recent key/subkey.

> $ gpg --verify rancid-3.7.tar.gz.sig rancid-3.7.tar.gz
> gpg: Signature made Wed, Mar 7, 2018 7:32:42 PM EST
> gpg: using RSA key 0x4B2BDD527A774C09
> gpg: Can't check signature: public key not found
>
> $ gpg --search-keys heas@shrubbery.net
> gpg: searching for "heas@shrubbery.net" from hkps server
> hkps.pool.sks-keyservers.net
> (1) John Heasley <heas@shrubbery.net>
> 2048 bit RSA key 0xFC860A57C2B34FCB, created: 2015-07-06
> (2) John Heasley <heas@shrubbery.net>
> 2048 bit DSA key 0x4472A69EB6650559, created: 2015-04-23
> (3) John Heasley <heas@shrubbery.net>
> 1024 bit RSA key 0x0A5CE6407A774C09, created: 2014-06-16 (revoked)
> (4) John Heasley <heas@shrubbery.net>
> 1024 bit RSA key 0x4B2BDD527A774C09, created: 1996-12-20
> Keys 1-4 of 4 for "heas@shrubbery.net". Enter number(s), N)ext, or Q)uit > q
>
>
>
> >> On Mar 22, 2018, at 11:07 AM, Lee <ler762@gmail.com> wrote:
> >>
> >>> On 3/22/18, heasley <heas@shrubbery.net> wrote:
> >>> Thu, Mar 22, 2018 at 01:46:09PM -0400, Lee:
> >>>>> On 3/22/18, heasley <heas@shrubbery.net> wrote:
> >>>>> Thu, Mar 22, 2018 at 04:02:43PM +0000, Lauri Haveri:
> >>>>>> Hello again and thanks for the answers!
> >>>>>>
> >>>>>> My device happens to be SRX100b and version of the Rancid is 3.3.
> >>>>>>
> >>>>>> I got from “apt-get install rancid cvs”
> >>>>>
> >>>>> Please install rancid 3/7. It is available here:
> >>>>> ftp://ftp.shrubbery.net/pub/ranciD
> >>>>
> >>>> Which has a detached sig -- thank you!! But what key was used for
> >>>> signing?
> >>>
> >>> mine
> >>
> >> touché
> >>
> >> I don't have your key, so verifying the fingerprint would be nice; a
> >> file I can gpg --import even better
> >>
> >> Thanks
> >> Lee

_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss