Mdthbs

Intern not wearing safety equipment; how could I have handled this differently?

What does the multimeter dial do internally?

Did depressed people far more accurately estimate how many monsters they killed in a video game?

Is "wissen" the only verb in German to have an irregular present tense?

Need a non-volatile memory IC with near unlimited read/write operations capability

What was the profession 芸者 (female entertainer) called in Russia?

Blocks from @ jafe

Is there an In-Universe reason why Thor and the Asgardians think Rocket is a rabbit?

Write a function

run bash scripts in folder all at the same time

Decrease spacing between a bullet point and its subbullet point

What is the average number of draws it takes before you can not draw any more cards from the Deck of Many Things?

How should I ask for a "pint" in countries that use metric?

Interpretation of non-significant results as "trends"

Why did Robert F. Kennedy loathe Lyndon B. Johnson?

How many Jimmys can fit?

Why do people prefer metropolitan areas, considering monsters and villains?

Draw a diagram with rectangles

Separate a column into its components based on another table

What exactly is a "murder hobo"?

Gory anime with pink haired girl escaping an asylum

Is it okay to use open source code to do an interview task?

This LM317 diagram doesn't make any sense to me

Is there a formal/better word than "skyrocket" for the given context?

How to import the official Tor GPG keys?

Why aren't the Fedora GPG keys signed?How to check which SSH keys are currently 'active'?How to securely download rpmfusion keysHow to import OTR key into Pidgin?How to extract RSA keys from ApacheHow to create a darknet/Tor web site in Linux?How to get yum to use the already imported gpg keys?Running Tor service in the jail environmentHow to additional public keys to .secondary_trusted_keys?How to set the passphrase that different keys are discriminable

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}

3

3

I am trying to install the latest Tor Browser Bundle on Arch Linux:

$ makepkg --syncdeps --install

[...]

==> Verifying source file signatures with gpg...

    tor-browser-linux64-4.0.8_en-US.tar.xz ... FAILED (unknown public key 2E1AC68ED40814E0)

==> ERROR: One or more PGP signatures could not be verified!

I am not able to import the GPG key:

$ gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0

gpg: keyserver receive failed: No keyserver available

$ gpg --keyserver pgp.mit.edu --recv-keys 2E1AC68ED40814E0

gpg: keyserver receive failed: No keyserver available

The command fails immediately every time. This has happened before with other keys, and I'm wondering if GPG gets itself into a bind sometimes. I am perfectly able to use the Internet otherwise, and I have a bare bones GPG configuration:

$ grep -ve '^#' -e '^$' ~/.gnupg/gpg.conf 

require-cross-certification

keyserver hkp://pgp.mit.edu

What can I do to actually download and import the key using gpg? sudo pacman-key --recv-key 2E1AC68ED40814E0 runs fine, but it appears that keyring isn't used by makepkg.

security

share|improve this question

asked Apr 14 '15 at 21:57

l0b0l0b0

29.9k2323 gold badges127127 silver badges261261 bronze badges

migrated from tor.stackexchange.com Apr 15 '15 at 12:37

This question came from our site for researchers, developers, and users of Tor.

add a comment | 

3

3

I am trying to install the latest Tor Browser Bundle on Arch Linux:

$ makepkg --syncdeps --install

[...]

==> Verifying source file signatures with gpg...

    tor-browser-linux64-4.0.8_en-US.tar.xz ... FAILED (unknown public key 2E1AC68ED40814E0)

==> ERROR: One or more PGP signatures could not be verified!

I am not able to import the GPG key:

$ gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0

gpg: keyserver receive failed: No keyserver available

$ gpg --keyserver pgp.mit.edu --recv-keys 2E1AC68ED40814E0

gpg: keyserver receive failed: No keyserver available

The command fails immediately every time. This has happened before with other keys, and I'm wondering if GPG gets itself into a bind sometimes. I am perfectly able to use the Internet otherwise, and I have a bare bones GPG configuration:

$ grep -ve '^#' -e '^$' ~/.gnupg/gpg.conf 

require-cross-certification

keyserver hkp://pgp.mit.edu

What can I do to actually download and import the key using gpg? sudo pacman-key --recv-key 2E1AC68ED40814E0 runs fine, but it appears that keyring isn't used by makepkg.

security

share|improve this question

asked Apr 14 '15 at 21:57

l0b0l0b0

29.9k2323 gold badges127127 silver badges261261 bronze badges

migrated from tor.stackexchange.com Apr 15 '15 at 12:37

This question came from our site for researchers, developers, and users of Tor.

add a comment | 

I am trying to install the latest Tor Browser Bundle on Arch Linux:

$ makepkg --syncdeps --install

[...]

==> Verifying source file signatures with gpg...

    tor-browser-linux64-4.0.8_en-US.tar.xz ... FAILED (unknown public key 2E1AC68ED40814E0)

==> ERROR: One or more PGP signatures could not be verified!

I am not able to import the GPG key:

$ gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0

gpg: keyserver receive failed: No keyserver available

$ gpg --keyserver pgp.mit.edu --recv-keys 2E1AC68ED40814E0

gpg: keyserver receive failed: No keyserver available

The command fails immediately every time. This has happened before with other keys, and I'm wondering if GPG gets itself into a bind sometimes. I am perfectly able to use the Internet otherwise, and I have a bare bones GPG configuration:

$ grep -ve '^#' -e '^$' ~/.gnupg/gpg.conf 

require-cross-certification

keyserver hkp://pgp.mit.edu

What can I do to actually download and import the key using gpg? sudo pacman-key --recv-key 2E1AC68ED40814E0 runs fine, but it appears that keyring isn't used by makepkg.

security

share|improve this question

asked Apr 14 '15 at 21:57

l0b0l0b0

29.9k2323 gold badges127127 silver badges261261 bronze badges

$ makepkg --syncdeps --install

[...]

==> Verifying source file signatures with gpg...

    tor-browser-linux64-4.0.8_en-US.tar.xz ... FAILED (unknown public key 2E1AC68ED40814E0)

==> ERROR: One or more PGP signatures could not be verified!

$ gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0

gpg: keyserver receive failed: No keyserver available

$ gpg --keyserver pgp.mit.edu --recv-keys 2E1AC68ED40814E0

gpg: keyserver receive failed: No keyserver available

$ grep -ve '^#' -e '^$' ~/.gnupg/gpg.conf 

require-cross-certification

keyserver hkp://pgp.mit.edu

share|improve this question

asked Apr 14 '15 at 21:57

l0b0l0b0

29.9k2323 gold badges127127 silver badges261261 bronze badges

share|improve this question

asked Apr 14 '15 at 21:57

l0b0l0b0

29.9k2323 gold badges127127 silver badges261261 bronze badges

asked Apr 14 '15 at 21:57

l0b0l0b0

29.9k2323 gold badges127127 silver badges261261 bronze badges

asked Apr 14 '15 at 21:57

l0b0l0b0

29.9k2323 gold badges127127 silver badges261261 bronze badges

3 Answers
3

active

oldest

votes

3

Your problem is with GnuPG. I can't tell you how to fix GnuPG, but if you just want to import the key, then I suggest that don't let gpg fetch the key - download it yourself from the keyserver and then let gpg import it.

Or as a command line:

curl "https://pgp.mit.edu/pks/lookup?op=get&search=0x4E2C6E8793298290" -o - | gpg --import

share|improve this answer

edited Aug 27 '15 at 5:14

answered Aug 26 '15 at 19:53

Thomas WeinbrennerThomas Weinbrenner

2,68722 gold badges1111 silver badges3131 bronze badges

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Could you edit that to say https? I don't think you want to import keys which were downloaded on a plaintext connection.
  
  – l0b0
  Aug 26 '15 at 22:00
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Changed it, even if I don't see the necessity. He won't be able to hide the fact, that he is using tor, so it's not important that someone can see which key he downloaded. And to make sure that it is the right key, you should always verify the fingerprint.
  
  – Thomas Weinbrenner
  Aug 27 '15 at 5:22
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I've also experienced the same problem here and the above seemed to work.
  
  – johnildergleidisson
  Dec 4 '15 at 19:22
  

  
  
  
  

add a comment | 

2

I can not reproduce this problem. Here the import works fine (forgive the German output):

$ gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0

gpg: Schlüssel D40814E0 von hkp-Server keys.gnupg.net anfordern

gpg: Schlüssel 93298290: Öffentlicher Schlüssel "Tor Browser Developers (signing key) <torbrowser@torproject.org>" importiert

gpg: 3 marginal-needed, 1 complete-needed, PGP Vertrauensmodell

gpg: Tiefe: 0  gültig:   3  unterschrieben:  33  Vertrauen: 0-, 0q, 0n, 0m, 0f, 3u

gpg: Tiefe: 1  gültig:  33  unterschrieben: 132  Vertrauen: 33-, 0q, 0n, 0m, 0f, 0u

gpg: nächste "Trust-DB"-Pflichtüberprüfung am 2015-05-01

gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1

gpg:               importiert: 1  (RSA: 1)

gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0  9.66s user 0.42s system 93% cpu 10.742 total

It looks like you are having a problem with GnuPG, not Tor.

share|improve this answer

answered Apr 15 '15 at 7:26

Tichodroma

add a comment | 

0

I had the same issue, and I didn't know how to handle it either. I thought it might be a firewall issue, but that wasn't it. I went to sks-keyservers.net and looked around. Noticed the ipv4.pool.sks-keyservers.net pool and wondered if that might help. It worked. So my solution was gpg --keyserver ipv4.pool.sks-keyservers.net --recv-keys 0x4E2C6E8793298290 and everything worked fine.

share|improve this answer

answered 1 hour ago

DennisDennis

111 bronze badge

New contributor

Dennis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f196393%2fhow-to-import-the-official-tor-gpg-keys%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

3

Your problem is with GnuPG. I can't tell you how to fix GnuPG, but if you just want to import the key, then I suggest that don't let gpg fetch the key - download it yourself from the keyserver and then let gpg import it.

Or as a command line:

curl "https://pgp.mit.edu/pks/lookup?op=get&search=0x4E2C6E8793298290" -o - | gpg --import

share|improve this answer

edited Aug 27 '15 at 5:14

answered Aug 26 '15 at 19:53

Thomas WeinbrennerThomas Weinbrenner

2,68722 gold badges1111 silver badges3131 bronze badges

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Could you edit that to say https? I don't think you want to import keys which were downloaded on a plaintext connection.
  
  – l0b0
  Aug 26 '15 at 22:00
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Changed it, even if I don't see the necessity. He won't be able to hide the fact, that he is using tor, so it's not important that someone can see which key he downloaded. And to make sure that it is the right key, you should always verify the fingerprint.
  
  – Thomas Weinbrenner
  Aug 27 '15 at 5:22
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I've also experienced the same problem here and the above seemed to work.
  
  – johnildergleidisson
  Dec 4 '15 at 19:22
  

  
  
  
  

add a comment | 

3

Your problem is with GnuPG. I can't tell you how to fix GnuPG, but if you just want to import the key, then I suggest that don't let gpg fetch the key - download it yourself from the keyserver and then let gpg import it.

Or as a command line:

curl "https://pgp.mit.edu/pks/lookup?op=get&search=0x4E2C6E8793298290" -o - | gpg --import

share|improve this answer

edited Aug 27 '15 at 5:14

answered Aug 26 '15 at 19:53

Thomas WeinbrennerThomas Weinbrenner

2,68722 gold badges1111 silver badges3131 bronze badges

• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Could you edit that to say https? I don't think you want to import keys which were downloaded on a plaintext connection.
  
  – l0b0
  Aug 26 '15 at 22:00
  

  
  
  
  


• 
  
  
  

  
  1
  

  
  
  
  
  
  

  
  
  Changed it, even if I don't see the necessity. He won't be able to hide the fact, that he is using tor, so it's not important that someone can see which key he downloaded. And to make sure that it is the right key, you should always verify the fingerprint.
  
  – Thomas Weinbrenner
  Aug 27 '15 at 5:22
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  I've also experienced the same problem here and the above seemed to work.
  
  – johnildergleidisson
  Dec 4 '15 at 19:22
  

  
  
  
  

add a comment | 

Your problem is with GnuPG. I can't tell you how to fix GnuPG, but if you just want to import the key, then I suggest that don't let gpg fetch the key - download it yourself from the keyserver and then let gpg import it.

Or as a command line:

curl "https://pgp.mit.edu/pks/lookup?op=get&search=0x4E2C6E8793298290" -o - | gpg --import

share|improve this answer

edited Aug 27 '15 at 5:14

answered Aug 26 '15 at 19:53

Thomas WeinbrennerThomas Weinbrenner

2,68722 gold badges1111 silver badges3131 bronze badges

share|improve this answer

edited Aug 27 '15 at 5:14

answered Aug 26 '15 at 19:53

Thomas WeinbrennerThomas Weinbrenner

2,68722 gold badges1111 silver badges3131 bronze badges

answered Aug 26 '15 at 19:53

Thomas WeinbrennerThomas Weinbrenner

2,68722 gold badges1111 silver badges3131 bronze badges

answered Aug 26 '15 at 19:53

Thomas WeinbrennerThomas Weinbrenner

2,68722 gold badges1111 silver badges3131 bronze badges

$ gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0

gpg: Schlüssel D40814E0 von hkp-Server keys.gnupg.net anfordern

gpg: Schlüssel 93298290: Öffentlicher Schlüssel "Tor Browser Developers (signing key) <torbrowser@torproject.org>" importiert

gpg: 3 marginal-needed, 1 complete-needed, PGP Vertrauensmodell

gpg: Tiefe: 0  gültig:   3  unterschrieben:  33  Vertrauen: 0-, 0q, 0n, 0m, 0f, 3u

gpg: Tiefe: 1  gültig:  33  unterschrieben: 132  Vertrauen: 33-, 0q, 0n, 0m, 0f, 0u

gpg: nächste "Trust-DB"-Pflichtüberprüfung am 2015-05-01

gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1

gpg:               importiert: 1  (RSA: 1)

gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0  9.66s user 0.42s system 93% cpu 10.742 total

$ gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0

gpg: Schlüssel D40814E0 von hkp-Server keys.gnupg.net anfordern

gpg: Schlüssel 93298290: Öffentlicher Schlüssel "Tor Browser Developers (signing key) <torbrowser@torproject.org>" importiert

gpg: 3 marginal-needed, 1 complete-needed, PGP Vertrauensmodell

gpg: Tiefe: 0  gültig:   3  unterschrieben:  33  Vertrauen: 0-, 0q, 0n, 0m, 0f, 3u

gpg: Tiefe: 1  gültig:  33  unterschrieben: 132  Vertrauen: 33-, 0q, 0n, 0m, 0f, 0u

gpg: nächste "Trust-DB"-Pflichtüberprüfung am 2015-05-01

gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1

gpg:               importiert: 1  (RSA: 1)

gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0  9.66s user 0.42s system 93% cpu 10.742 total

$ gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0

gpg: Schlüssel D40814E0 von hkp-Server keys.gnupg.net anfordern

gpg: Schlüssel 93298290: Öffentlicher Schlüssel "Tor Browser Developers (signing key) <torbrowser@torproject.org>" importiert

gpg: 3 marginal-needed, 1 complete-needed, PGP Vertrauensmodell

gpg: Tiefe: 0  gültig:   3  unterschrieben:  33  Vertrauen: 0-, 0q, 0n, 0m, 0f, 3u

gpg: Tiefe: 1  gültig:  33  unterschrieben: 132  Vertrauen: 33-, 0q, 0n, 0m, 0f, 0u

gpg: nächste "Trust-DB"-Pflichtüberprüfung am 2015-05-01

gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1

gpg:               importiert: 1  (RSA: 1)

gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0  9.66s user 0.42s system 93% cpu 10.742 total

$ gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0

gpg: Schlüssel D40814E0 von hkp-Server keys.gnupg.net anfordern

gpg: Schlüssel 93298290: Öffentlicher Schlüssel "Tor Browser Developers (signing key) <torbrowser@torproject.org>" importiert

gpg: 3 marginal-needed, 1 complete-needed, PGP Vertrauensmodell

gpg: Tiefe: 0  gültig:   3  unterschrieben:  33  Vertrauen: 0-, 0q, 0n, 0m, 0f, 3u

gpg: Tiefe: 1  gültig:  33  unterschrieben: 132  Vertrauen: 33-, 0q, 0n, 0m, 0f, 0u

gpg: nächste "Trust-DB"-Pflichtüberprüfung am 2015-05-01

gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1

gpg:               importiert: 1  (RSA: 1)

gpg --keyserver keys.gnupg.net --recv-keys 2E1AC68ED40814E0  9.66s user 0.42s system 93% cpu 10.742 total

0

I had the same issue, and I didn't know how to handle it either. I thought it might be a firewall issue, but that wasn't it. I went to sks-keyservers.net and looked around. Noticed the ipv4.pool.sks-keyservers.net pool and wondered if that might help. It worked. So my solution was gpg --keyserver ipv4.pool.sks-keyservers.net --recv-keys 0x4E2C6E8793298290 and everything worked fine.

share|improve this answer

answered 1 hour ago

DennisDennis

111 bronze badge

New contributor

Dennis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

0

I had the same issue, and I didn't know how to handle it either. I thought it might be a firewall issue, but that wasn't it. I went to sks-keyservers.net and looked around. Noticed the ipv4.pool.sks-keyservers.net pool and wondered if that might help. It worked. So my solution was gpg --keyserver ipv4.pool.sks-keyservers.net --recv-keys 0x4E2C6E8793298290 and everything worked fine.

share|improve this answer

answered 1 hour ago

DennisDennis

111 bronze badge

New contributor

Dennis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

I had the same issue, and I didn't know how to handle it either. I thought it might be a firewall issue, but that wasn't it. I went to sks-keyservers.net and looked around. Noticed the ipv4.pool.sks-keyservers.net pool and wondered if that might help. It worked. So my solution was gpg --keyserver ipv4.pool.sks-keyservers.net --recv-keys 0x4E2C6E8793298290 and everything worked fine.

share|improve this answer

answered 1 hour ago

DennisDennis

111 bronze badge

New contributor

Dennis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this answer

answered 1 hour ago

DennisDennis

111 bronze badge

New contributor

Dennis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

answered 1 hour ago

DennisDennis

111 bronze badge

New contributor

Dennis is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

answered 1 hour ago

DennisDennis

111 bronze badge