Issue with the keys on Debian

Yesterday i have provisioned a new relay and i had problems downloading gpg key (i don’t know how i fixed the issue but i after i have tried 2-3 thing from “Google” the relay was provisioned) but know i am trying to update some of the old ones and get this error, wtf?

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: Index of /torproject.org bullseye InRelease: The following signatures were invalid: EXPKEYSIG 74A941BA219EC810 deb.torproject.org archive signing key
W: Failed to fetch https://deb.torproject.org/torproject.org/dists/bullseye/InRelease The following signatures were invalid: EXPKEYSIG 74A941BA219EC810 deb.torproject.org archive signing key
W: Some index files failed to download. They have been ignored, or old ones used instead.

This issue has been addressed in the mailing list, you may get some useful information from there:

https://lists.torproject.org/pipermail/tor-relays/2024-July/021739.html

Hello C,

that works perfect, thank you mate ; )

https://lists.torproject.org/pipermail/tor-relays/2024-July/021739.html
ie

wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null

Have a great days/nights

So should i update manually the key for all boxes or it’s planned an repository update so in the future the key will auto update

For the time being, it’s safe to update it yourself. I did it just a couple days ago.

This is from the mailing list, but have no idea if it’s supposed to be like that:

The repository key must be renewed manually every 2 years.
The rest is done by deb.torproject.org-keyring package.

https://lists.torproject.org/pipermail/tor-relays/2024-July/021749.html

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.