public key to verify xpad release signatures?

Asked by jcfp on 2016-06-10

Hi! While working on updating the xpad package in debian I noticed releases on launchpad (https://launchpad.net/xpad/+download) are signed, with an *.asc available for every release. Unfortunately, the public key with id A6F2322B needed to verify that signature seems rather elusive.

Trying to verify results in the key not found (also tried with another keyserver, same result):

$ gpg --verify /tmp/xpad-4.8.0.tar.bz2.asc ../xpad_4.8.0.tar.bz2
gpg: Signature made 2016-04-10T14:01:43 CEST using RSA key ID A6F2322B
gpg: requesting key A6F2322B from hkp server keyserver.ubuntu.com
gpgkeys: key 92BF2FCCA6F2322B not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
gpg: keyserver communications error: key not found
gpg: keyserver communications error: bad public key
gpg: Can't check signature: public key not found

Any hint as to where to get that public key?

Question information

Language:
English Edit question
Status:
Solved
For:
Xpad Edit question
Assignee:
No assignee Edit question
Solved by:
Arthur Borsboom
Solved:
2016-06-11
Last query:
2016-06-11
Last reply:
2016-06-11

The key is my key, but apparently I have to publish my public key somewhere.
I will give it a try and come back to you.

On 10 June 2016 at 22:42, jcfp <email address hidden> wrote:

> New question #295164 on Xpad:
> https://answers.launchpad.net/xpad/+question/295164
>
> Hi! While working on updating the xpad package in debian I noticed
> releases on launchpad (https://launchpad.net/xpad/+download) are signed,
> with an *.asc available for every release. Unfortunately, the public key
> with id A6F2322B needed to verify that signature seems rather elusive.
>
> Trying to verify results in the key not found (also tried with another
> keyserver, same result):
>
> $ gpg --verify /tmp/xpad-4.8.0.tar.bz2.asc ../xpad_4.8.0.tar.bz2
> gpg: Signature made 2016-04-10T14:01:43 CEST using RSA key ID A6F2322B
> gpg: requesting key A6F2322B from hkp server keyserver.ubuntu.com
> gpgkeys: key 92BF2FCCA6F2322B not found on keyserver
> gpg: no valid OpenPGP data found.
> gpg: Total number processed: 0
> gpg: keyserver communications error: key not found
> gpg: keyserver communications error: bad public key
> gpg: Can't check signature: public key not found
>
>
> Any hint as to where to get that public key?
>
> --
> You received this question notification because your team Xpad
> Developers is an answer contact for Xpad.
>
> _______________________________________________
> Mailing list: https://launchpad.net/~xpad-hackers
> Post to : <email address hidden>
> Unsubscribe : https://launchpad.net/~xpad-hackers
> More help : https://help.launchpad.net/ListHelp
>

--
Arthur Borsboom
Mob: +31629089953
Email: <email address hidden>
[image: View Arthur's LinkedIn profile]
<http://uk.linkedin.com/in/arthurborsboom>

I have uploaded my key to a couple of keyserver, including the ubuntu.com one.

Does it work this time?

jcfp (jcfp) said : #3

Works fine now, thanks!

I'll add the pubkey into the debian packaging so the integrity the downloaded files for future updates will be automatically checked by uscan.

jcfp (jcfp) said : #4

Thanks Arthur Borsboom, that solved my question.