#25 Unable to verify file sets during installation

Closed
opened 6 years ago by and_who · 2 comments

Signature verification fails while fetching file sets due to the wrong key being used:

Get/Verify SHA256.sig   100% |**************************|   155       00:00
signify: verification failed: checked against wrong key
Signature check of SHA256.sig failed. Continue without verification? [no]

I grep'd install.sub and found $PUB_KEY to still be using the default value provided by OpenBSD, which needs to be changed (and the LibertyBSD release public key included in the installation image):

# grep PUB_KEY install.sub
                        signify -Vep $PUB_KEY -x "$_cfile.sig" -m "$_cfile" &&
                signify -Vep $PUB_KEY -x $_sig -m $_sha >/dev/null 2>&1; then
PUB_KEY=/etc/signify/openbsd-${VERSION}-base.pub

EDIT: I opened a pull request to address part of this issue.

Signature verification fails while fetching file sets due to the wrong key being used: ``` Get/Verify SHA256.sig 100% |**************************| 155 00:00 signify: verification failed: checked against wrong key Signature check of SHA256.sig failed. Continue without verification? [no] ``` I grep'd `install.sub` and found `$PUB_KEY` to still be using the default value provided by OpenBSD, which needs to be changed (and the LibertyBSD release public key included in the installation image): ``` # grep PUB_KEY install.sub signify -Vep $PUB_KEY -x "$_cfile.sig" -m "$_cfile" && signify -Vep $PUB_KEY -x $_sig -m $_sha >/dev/null 2>&1; then PUB_KEY=/etc/signify/openbsd-${VERSION}-base.pub ``` EDIT: I opened a [pull request](https://notabug.org/LibertyBSD/libertybsd-scripts/pulls/26) to address part of this issue.
Jaidyn Ann commented 6 years ago
Owner

@and_who: It looks like you took care of the whole issue, to me-- what other parts are there of this issue?

@and_who: It looks like you took care of the whole issue, to me-- what other parts are there of this issue?
Andrew Robbins commented 6 years ago
Poster

@jadedctrl, I can't recall what I was alluding to when I wrote that--oops. If I do remember and it's anything important then I'll open a new issue.

@jadedctrl, I can't recall what I was alluding to when I wrote that--oops. If I do remember and it's anything important then I'll open a new issue.
Sign in to join this conversation.
No Label
No Milestone
No assignee
2 Participants
Loading...
Cancel
Save
There is no content yet.