Hello!
I repeatedly try to install Tor under Debian Buster and fail again at key import. With the last system I found the solution by activating the "Experimental repos" under Debian. This time it didn't work and I kept looking.
Before repair: ... 2019-11-15 21:18:33 (294 KB/s) - ‘A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc’ saved [19665/19665] gpg: no valid OpenPGP data found. gpg: Total number processed: 0
My procedure: I opened the key copied from the Tor website and found at the end of the key the spelling ... sGsEejVHxvX7/iOE3rM= =47bK -----END PGP PUBLIC KEY BLOCK-----
I changed the last line intuitively with an editor to ... sGsEejVHxvX7/iOE3rM==47bK -----END PGP PUBLIC KEY BLOCK-----
and saved it.
Afterwards the import worked!
gpg2 --import ./A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc gpg: key EE8CBC9E886DDD89: 36 signatures not checked due to missing keys gpg: key EE8CBC9E886DDD89: public key "deb.torproject.org archive signing key" imported gpg: Total number processed: 1 gpg: imported: 1 gpg: no ultimately trusted keys found
gpg2 --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add - OK
I have no explanation!
Best regards! Olaf
Translated with www.DeepL.com/Translator
On Fri, 15 Nov 2019 20:43:12 +0100 Olaf Grimm jeep665@posteo.de wrote:
Hello!
I repeatedly try to install Tor under Debian Buster and fail again at key import. With the last system I found the solution by activating the "Experimental repos" under Debian. This time it didn't work and I kept looking.
Before repair: ... 2019-11-15 21:18:33 (294 KB/s) - ‘A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc’ saved [19665/19665] gpg: no valid OpenPGP data found. gpg: Total number processed: 0
You have previously asked about this on 17th of October and have been advised to use curl as the site suggests, not wget. The issue here is that 'curl' writes the downloaded file to its STDOUT by default, but wget does not. So pipe-based usage such as:
curl ... | gpg ... <- will work
but
wget ... | gpg ... <- will not
For 'wget' to work in the same situation you need to tell it to output the downloaded file to STDOUT, like curl does. It is done by appending "-O -" to its arguments. If you use wget, don't forget to do that:
wget -O - http://URL | gpg ...
Ok, curl works now after update, although I also see this strange last line in STOUT.
My somewhat hidden question or hint is that I edited the key file by hand and the import suddenly works. I have the impression I accidentally fixed the download changed by 'wget' with the editor. I removed a 'carriage return'. This also changes the file content.
Is that possible or is there a deeper problem? I thought I found an irregularity. Please excuse the question.
By the way, curl is not default in Debian Buster.
Olaf
Am 16.11.19 um 13:15 schrieb Roman Mamedov:
On Fri, 15 Nov 2019 20:43:12 +0100 Olaf Grimm jeep665@posteo.de wrote:
Hello!
I repeatedly try to install Tor under Debian Buster and fail again at key import. With the last system I found the solution by activating the "Experimental repos" under Debian. This time it didn't work and I kept looking.
Before repair: ... 2019-11-15 21:18:33 (294 KB/s) - ‘A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc’ saved [19665/19665] gpg: no valid OpenPGP data found. gpg: Total number processed: 0
You have previously asked about this on 17th of October and have been advised to use curl as the site suggests, not wget. The issue here is that 'curl' writes the downloaded file to its STDOUT by default, but wget does not. So pipe-based usage such as:
curl ... | gpg ... <- will work
but
wget ... | gpg ... <- will not
For 'wget' to work in the same situation you need to tell it to output the downloaded file to STDOUT, like curl does. It is done by appending "-O -" to its arguments. If you use wget, don't forget to do that:
wget -O - http://URL | gpg ...
On Sat, Nov 16, 2019 at 02:22:58PM +0100, Olaf Grimm wrote:
Ok, curl works now after update, although I also see this strange last line in STOUT.
Great.
My somewhat hidden question or hint is that I edited the key file by hand and the import suddenly works. I have the impression I accidentally fixed the download changed by 'wget' with the editor. I removed a 'carriage return'. This also changes the file content.
Is that possible or is there a deeper problem?
No, that is likely not what solved the problem. The previous problem was that you were running the wrong command.
If you run "wget ... | gpg", that means to take what wget outputs on the command line and send that as input into the gpg program. But wget outputs basically nothing on its command line: all it does is download the url and store it to a file. So when you send that 'basically nothing' to gpg, of course gpg can't find any useful keys in it.
Or as Roman said very well,
curl ... | gpg ... <- will work
but
wget ... | gpg ... <- will not
By the way, curl is not default in Debian Buster.
Yeah, we should probably fix all the guides to say "wget -O - ..." rather than "curl ..." so we aren't forcing people to install a new program just for this situation. Though I wonder if that will produce more confusion, because people won't paste or type it correctly. We'll see I guess!
--Roger
tor-relays@lists.torproject.org
-
Olaf Grimm -
Roger Dingledine -
Roman Mamedov