[tor-talk] Current RPMs re-siged with new key

Ondrej Mikle ondrej.mikle at gmail.com
Sun Aug 16 22:20:54 UTC 2015


as I was announcing few days ago, RPM keys rotated.

Since there seems to be bug in repo_gpgcheck validation of repomd.xml.asc, I
regenerated repo and package signatures. Both and were re-signed.

The new key's fingerprint is:

E273 44C4 BD24 BEDF E4F4  C741 803F EFB7 F4B8 5E0F

You can double-check the fingerprint on the The Tor RPM page

Yum/DNF should be able to pick up that the key is changed and import it, but in
case it doesn't, you can import it as root:

gpg --keyserver pool.sks-keyservers.net --recv-keys F4B85E0F
gpg -a --export E27344C4BD24BEDFE4F4C741803FEFB7F4B85E0F > tpo.asc
rpm --import tpo.asc


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20150817/db1b6cda/attachment.sig>

More information about the tor-talk mailing list