Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

encfs release validation gpg key nowhere to be found #220

Closed
svetlemodry opened this issue Sep 19, 2016 · 2 comments
Closed

encfs release validation gpg key nowhere to be found #220

svetlemodry opened this issue Sep 19, 2016 · 2 comments

Comments

@svetlemodry
Copy link

Hi!
I'd like to use the gpg key for source code validation while creating the Arch Linux encfs package, but it seems the public part of the key used to validate the github releases is nowhere to be found.
Any chance to get the verification key published on the keyservers?
Thanks!

$ gpg --recv-keys 0x33C65E29813C14DF
gpg: keyserver receive failed: No data
@vgough
Copy link
Owner

vgough commented Sep 19, 2016

Thanks, I hadn't realized that this key wasn't published. Published now, but I imagine that it'll take some time to propagate between key servers. Unfortunately, gpg does not make it easy to combine signatures from multiple keys into one signature file.. Below is the exported public key that was used to sign this release.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2

mQINBFEMosUBEAC0gJlDIkuL/5Tw1p+/Y5bEHdyALTBoxG8NB+vByxDmWzNDC0dG
OnYlisZgPT7UD9gg853cbsMKV7fP64krSRiYJcsbFi7Xq62ZeijXgLXRXy1o4eTU
JTWCQGziVQ8Ip+YvZ47OCD9kM3KMPizX68uyxnRrwNFbE6KO0fpGsOAS5pKJmAXv
5+hxfyq+SqwWCHKyyzz8/FjFMFZhJrHuYzBJeIZa/145b53kN+bpVBNIRm/H8xmh
V0ik3aLlsn5PL5YB5kPIcN5CUDHR6F1s91pA6lPBJMPVAd38d77RHxXX/mN+0fQ+
iBYmkGqoXBlXPEmQDLPgaaSOVqRTjY8AuYRBtJShnhit0fhCA4IxBxQGjjWwD6NI
FBqduUnMUnrKsFZbhL9XWJSdmVWBD2225atWkOUT2wR8qkDFGvXObuwUNeEFCI1U
lgBeJIA7gYNzBni90VJpyJY/Z8QYbr2zsICPCD6Nqfbe6WIInN6qVHvMG4df/gTP
K6nFttfJ72+nOA6KdfRIUVsl+5OCHE6QiufL2MC6raMU2S3/Lh3w631EdUgSbIoo
dAyvgBIZL5RIP1l+veFgXWwu291rZXDlqM91Jsd0UmEV2NH+mEQtKfCHvf0B/He8
imwO7bKYamKTNE4pOX0BBdqzNQ1RevznI4lrqID78CRQRUbtXZug2RN0mQARAQAB
tCFWYWxpZW50IEdvdWdoIDx2YWxpZW50QGdtYWlsLmNvbT6JAjgEEwECACIFAlEM
osUCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEDPGXimBPBTfmRIP/00L
PgGlgYgrmY2QxQ5mMsSBEQFQNHus0imB5zyrLm3CtnzLrjM4cxwWVezTaxiokXJZ
/8U6VhkkTXhUl2lhFQnIz5lzByArcQ+JqeCiPLtU+nq7ppPuZMu5ZkblLsMhtOfa
JwNp7YDXxE4yLOpyxw+mc9psbv5FzI1a1k2rQBz693fyBKA1T+TWrrPQQQ9wHxAk
f9cd4gM5F2bLZHptJbLlPYUc4IlML3Uup1cgPrmYSVQXIl4Y/zwarZHdyErxpegj
LfezE25DlMz+Vp9EwLduWr0XOGxVT/PFtk39KlsCIN0lIg+nbgm2bL7XpoICfUUd
eNiJO4xVWEG3ysP+T9XlcHTiPjSfRNyFqDlgK4w5nuQai1RkOGXDqSuLwWTAJwkC
klYLt9ttQEiew1wauWCqOuUYVO/MG9b4aj/xKVT7RkPKZVEEfqHGRB93I6RV/DXe
8F6yoZJ/PG/zizWDKRuZZgzH4Gw22JE6kluavJHy29FmuOUAVl6D6ngXL4V5Y599
g9SiNzCSrbYiYzwzXysAzwy4vMQn7cNVGjxWNAN5kooPgowmCgthA7xgyQYAmFGz
uxrHCa30/nLUFxgECZ/GSkG0WdXvdef+aW518jsoBGwP16COoeRdYB6S446a66zI
/rAo+AoQvShpKlj9rRXdfQ61uGYk1LtvTnHn8W24iEYEEBECAAYFAlcF/7YACgkQ
Wp20Ay6vTYBcjQCfRQLz9OvnMI+0EXdDPO2bg+kNEqAAnjskNQv1B8YmJikTsz5+
H91LSJiGiQIcBBABCAAGBQJX4D25AAoJENQ5qIZ3I6pERM8P/i8F9YsvMoa/y8DP
2VvSYF+gwRhYyItZ+drcYj/5/89DeVrM2GoJbpIbQYXsPDjHxce+LR4ATxXWdXgk
GnaEkjdBtdXniu7MwrMVq357HsDUGBTAoppqYS7md3C/vSxPejPS3AcGmA9CGyS8
SXEp2fkO/cygx+VnaJyh7v2BDdO4n1rz9HJEhvzPIzjMDYuENZ6Uh49Y8b+tp1Tp
TLaAoJV05M+U3Ly+uHGQ/TJwT4yEN/nlX6J7ezP6thzyivhBeTzLlz7w8lPLZDlS
b1Wsp7Ic5e8SulohSOoS91rEG5ty4jdwh+9RwqNmobPkIcdVt48QqFqr+vnQgHdg
isOPRdd5ov+C7N6OesdfC2RHoHA92X0UT7HjxCjZ7O6LWmDs6NTKuPMtg+BhkHkR
G8V/uqGrJFEJdV1ZBrerZnuGIP7MWArEEFti5p2J/S8IIkv9xbL/drPIVJukiMEm
N7Vkjqu4A4PLeJxwT42KLJbqhcefPYtW94UY5kCr/J7fJt9OLIyiugTJpbwylZ5E
jVp266hRB2bncqp9sz/bSwlx7xYRmzeR/Gkn6+gBwhWAKlGhifkm/jRcRSqOpwL9
yARzpE5sK1Iu64W3mIedbMWho1DHbeBPQJCf5BFA32oya5+LxM771CR4v2LMsiXW
xhszLR5qwEp/Z/4FbzYVDS2AOj9OuQINBFEMosUBEADCqN/bar7vONr5ytqmSHA+
YqtqDm4cQ+hPMOdchLwjvFqcWky0eojss0z/jQYEwur5BSkCh0k9tauiiliP+HoB
sBreo2vAINvBJDTcoTQgZJ1ByizFt5lXRG6xK/tShAwHNnGIVd0L3EsyeKS5L/fm
Qab4oattNhFIjfjs4iW2cjFNFCkpulqXImXsMxbUTIPf9sgV/oW+NT/QJiML6iBc
VfdkfuVI9GJkLfDJ2Mx+fRc9UnWcV2HxETOwi1G2Yggewq5v1U0lgvjBZoxHiagt
sz/K1fDcWEQ82mF84cG5GM12JeAvF5cTqQ1argv7P4gRPYMj0y3t/WO+SIhNQg1t
L1cSdfFB7N1QHCjhr1wyGIZdoBtbo/NF3uCsFHeqBkNw1Z3/jOTA6LqB42mRr3VY
/lo2iF/+Jcu37B/EsyZBWw5HJBcwq8NjeWlTQATUiiPDJzd4ImZmA/d7q0LNVvFA
PKlMFVtuzgEa8l0YVXP1b4j9cK375nFdAxXcq7hzGO1ZQdxNOzvwAekuZHjqWMTB
zx6uQpLTpbl9d9gjmSl2OwshX+l9XG5tWG8mgppha5oaoygTZ3EBeCLFNXBukHkU
653jogQRLtT7qIiix0E0kFsSOwxXSmnalrp4HWTRzzJc351+rJSTcpcQrOvqpWHV
VNw/81woP5J/L2yhUW4PzwARAQABiQIfBBgBAgAJBQJRDKLFAhsMAAoJEDPGXimB
PBTfp0MP+QFrPdKZxPC7HW+++De/Z5CcUOl41xr/1Z6uztn3Ugak2vKLHl8VSeRU
CnS55I84ZGL8bSPGb8F9sbRG603SvaSY5CQz5iyJxrnSABgiqpjtLelBU4Gxons3
XMdJYG8Q3E8KSUubK77xd8CDJStk9O33C6dHzOBUcpDYCo2vo1fCz2MQw+8tg+ie
97C2F3s3EAtoD4VNzB+pGYfFIAhhSACjf9RDM9exbX+wZ5uf4dkq3Y63FvzSeCd6
5DtLLmlGoBfcviJgX5JUuBDkQpUyfPAGGErNnSPcUB0PESTFw1JrRc/2jL2Kchx8
efkajEy8GaPn95DFxnnYb/LeDNMPdgLUOLPDzAd/GvB7ft6ZRflDPE9kCInDkdFf
jegTeLOuWkyoVZl+Kv7wrchCWEn6HcySc6KiXr5t1nFA4YKbIlO2pIcWBuco4RNZ
jqdHCy+7loMeVMJfR7qreGzuLvYs2Kx9QTFRQY99DoLxlz+4+T9cZRDuSljdKoC1
4UlxhhrYqe6MZpx/7gfULmKwK7ik2DkITuGI1hovSTD/vaGvNsG5NbcKzznNlPHe
6WFvFF1V75bn2RjMAiFH5qV4lQWHNqh0r+7j+dHskqrez5VmwaFzaZZBkNF/eu4Q
NoSGlSUkaCcjss7b7z6IfaRt3Eio4DVMFRnWGhvLUfwLCfLLqtsk
=kT/b
-----END PGP PUBLIC KEY BLOCK-----

@vgough vgough closed this as completed Sep 19, 2016
@svetlemodry
Copy link
Author

Quick fix, awesome!
Signature check works.

monotonemonk pushed a commit to monotonemonk/arch_svntogit_community- that referenced this issue Feb 9, 2017
upgpkg: encfs 1.9.1-2 - gpg source signature check added with
60138a1 
vgough/encfs#220 fixed

git-svn-id: file:///srv/repos/svn-community/svn@189999 9fca08f4-af9d-4005-b8df-a31f2cc04f65
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vgough @svetlemodry