Tor signature verification fails always #263

Closed
nirvinm opened this Issue Jan 29, 2017 · 15 comments

Comments

Projects
None yet

nirvinm commented Jan 29, 2017

Tried installing Tor Browser Launcher via GNOME Software and DNF package manager on Fedora. Tor Launcher is getting installed successfully. However I'm not able to download Tor. Everytime I open Tor, installation fails saying "SIGNATURE VERIFICATION FAILED".
Tried all mirrors.
screenshot from 2017-01-29 17-11-45

ge-fa commented Jan 29, 2017

Which version of torbrowser-launcher are you using?

nirvinm commented Jan 29, 2017

Version : 0.2.6
Release : 1.fc25
OS: Fedora 25

I'm seeing this as well, with version 0.1.9 on Debian stable.

ge-fa commented Jan 29, 2017

@HighCommander4 The Debian bug is reported here. Here is a workaround working on Debian based systems:

Run the following in your terminal, this is one line:
gpg --homedir "$HOME/.local/share/torbrowser/gnupg_homedir/" --refresh-keys --keyserver pgp.mit.edu

@nirvinm Not sure if this works on Fedora as well - maybe test this.

ge-fa commented Jan 29, 2017

See #260 as well.

fabianHAW commented Jan 31, 2017

same problem here. but i can't retrieve the keys:

$ gpg --homedir "$HOME/.local/share/torbrowser/gnupg_homedir/" --refresh-keys --keyserver pgp.mit.edu

gpg: refreshing 2 keys from hkp://pgp.mit.edu
gpg: requesting key 63FEE659 from hkp server pgp.mit.edu
gpg: requesting key 93298290 from hkp server pgp.mit.edu
gpgkeys: key 8738A680B84B3031A630F2DB416F061063FEE659 can't be retrieved
gpgkeys: key EF6E286DDA85EA2A4BA7DE684E2C6E8793298290 can't be retrieved
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

any suggestions?

eyalroz commented Jan 31, 2017

Seeing this on Linux Mint 18.1 64bit (v0.2.4, trying to d/l browser version 6.5). Using the refresh-keys workaround resolves the problem.

nirvinm commented Feb 1, 2017

@ge-fa Thanks :)
gpg --homedir "$HOME/.local/share/torbrowser/gnupg_homedir/" --refresh-keys --keyserver pgp.mit.edu
This fixed the issue in Fedora 25.

SirArthurII commented Feb 2, 2017

@fabianHAW
Had the same problem
Debian Jessie 8.7
I am a rookie.

Had problems connecting to Tor since I installed Apparmor.
$sudo service apparmor teardown
was a temporary solution until I figure out how to configure Tor profile in AA.
Afaik this problem only exists in Debian.

But update did not work because i could not retreive the keys, like you.
Teardown was not sufficient for keys - I had to stop AA being loaded at boot.

Disabling Apparmor this way let me retrieve the keys and install Tor 6.5 eventually.

But I really don't know, if this is save or what.
Now time to config Apparmor properly.

after some days trying, this workaround worked for me too :) maybe the server (pgp.mit.edu) had some problems. thanks for helping!!

@micahflee micahflee added the duplicate label Mar 13, 2017

Owner

micahflee commented Mar 13, 2017

This is a duplicate of #260, which is fixed in the latest version of torbrowser-launcher.

@micahflee micahflee closed this Mar 13, 2017

Hi Micah,

Not sure this is the right place to post & I surely don't want to sound too demanding: Do you mind updating the non-Trusty ppa packages to 0.2.7?

Thanks for providing the torbrowser-launcher!

If pgp.mit.edu is down, one could use
gpg --homedir "$HOME/.local/share/torbrowser/gnupg_homedir/" --refresh-keys --keyserver pool.sks-keyservers.net

I'm having this exact same issue on UbuntuMATE 16.04 LTS. Downloaded from Software Boutique. No idea what the version is.

thanks so much running in parrotSec

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment