Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-80968

PGP Key changed on mongodb-org/testing

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 7.2.0-rc0
    • Affects Version/s: None
    • Component/s: None
    • Labels:
      None
    • Release Infrastructure
    • Fully Compatible
    • ALL
    • Hide

      Setup gpg keys (all the release keys as used in the past):

      $ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 20691EEC35216C63CAF66CE1656408E390CFB1F5
gpg: keybox '/tmp/tmp.iaIflEL03S/pubring.kbx' created
gpg: /tmp/tmp.iaIflEL03S/trustdb.gpg: trustdb created
gpg: key 656408E390CFB1F5: public key "MongoDB 4.4 Release Signing Key <packaging@mongodb.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
$ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 39BD841E4BE5FB195A65400E6A26B1AE64C3C388
gpg: key 6A26B1AE64C3C388: public key "MongoDB 6.0 Release Signing Key <packaging@mongodb.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
$ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 9DA31620334BD75D9DCB49F368818C72E52529D4
gpg: key 68818C72E52529D4: public key "MongoDB 4.0 Release Signing Key <packaging@mongodb.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
$ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys E162F504A20CDF15827F718D4B7C549A058F8B6B
gpg: key 4B7C549A058F8B6B: public key "MongoDB 4.2 Release Signing Key <packaging@mongodb.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
$ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys E58830201F7DD82CD808AA84160D26BB1785BA38
gpg: key 160D26BB1785BA38: public key "MongoDB 7.0 Release Signing Key <packaging@mongodb.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
$ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys F5679A222C647C87527C2F8CB00A0BD1E2C63C11
gpg: key B00A0BD1E2C63C11: public key "MongoDB 5.0 Release Signing Key <packaging@mongodb.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
$ mkdir -p /etc/apt/keyrings
$ gpg --batch --export 20691EEC35216C63CAF66CE1656408E390CFB1F5 39BD841E4BE5FB195A65400E6A26B1AE64C3C388 9DA31620334BD75D9DCB49F368818C72E52529D4 E162F504A20CDF15827F718D4B7C549A058F8B6B E58830201F7DD82CD808AA84160D26BB1785BA38 F5679A222C647C87527C2F8CB00A0BD1E2C63C11 > /etc/apt/keyrings/mongodb.gpg

      Setup the apt sources.list:

      $ echo 'deb [ signed-by=/etc/apt/keyrings/mongodb.gpg ] http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/testing multiverse' > '/etc/apt/sources.list.d/mongodb-org.list'
$ # also the regular repo for other deps like mongo-org-shell
$ echo 'deb [ signed-by=/etc/apt/keyrings/mongodb.gpg ] http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 multiverse' > '/etc/apt/sources.list.d/mongodb-7.0.list'

      Try to apt-get update:

      $ apt-get update
Get:1 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
...
Get:22 http://security.ubuntu.com/ubuntu jammy-security/restricted amd64 Packages [1059 kB]
Get:23 http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 Release.gpg [866 B]
Get:24 http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/testing Release.gpg [866 B]
Ign:24 http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/testing Release.gpg
Get:25 http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0/multiverse amd64 Packages [10.8 kB]
Reading package lists...
W: GPG error: http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/testing Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 81B0EBBBADCEA95C
E: The repository 'http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/testing Release' is not signed.

      With the same error for focal/mongodg-org/testing:

      W: GPG error: http://repo.mongodb.org/apt/ubuntu focal/mongodb-org/testing Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 81B0EBBBADCEA95C
      Show
      Setup gpg keys (all the release keys as used in the past): $ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 20691EEC35216C63CAF66CE1656408E390CFB1F5 gpg: keybox '/tmp/tmp.iaIflEL03S/pubring.kbx' created gpg: /tmp/tmp.iaIflEL03S/trustdb.gpg: trustdb created gpg: key 656408E390CFB1F5: public key "MongoDB 4.4 Release Signing Key <packaging@mongodb.com>" imported gpg: Total number processed: 1 gpg: imported: 1 $ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 39BD841E4BE5FB195A65400E6A26B1AE64C3C388 gpg: key 6A26B1AE64C3C388: public key "MongoDB 6.0 Release Signing Key <packaging@mongodb.com>" imported gpg: Total number processed: 1 gpg: imported: 1 $ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 9DA31620334BD75D9DCB49F368818C72E52529D4 gpg: key 68818C72E52529D4: public key "MongoDB 4.0 Release Signing Key <packaging@mongodb.com>" imported gpg: Total number processed: 1 gpg: imported: 1 $ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys E162F504A20CDF15827F718D4B7C549A058F8B6B gpg: key 4B7C549A058F8B6B: public key "MongoDB 4.2 Release Signing Key <packaging@mongodb.com>" imported gpg: Total number processed: 1 gpg: imported: 1 $ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys E58830201F7DD82CD808AA84160D26BB1785BA38 gpg: key 160D26BB1785BA38: public key "MongoDB 7.0 Release Signing Key <packaging@mongodb.com>" imported gpg: Total number processed: 1 gpg: imported: 1 $ gpg --batch --keyserver keyserver.ubuntu.com --recv-keys F5679A222C647C87527C2F8CB00A0BD1E2C63C11 gpg: key B00A0BD1E2C63C11: public key "MongoDB 5.0 Release Signing Key <packaging@mongodb.com>" imported gpg: Total number processed: 1 gpg: imported: 1 $ mkdir -p /etc/apt/keyrings $ gpg --batch --export 20691EEC35216C63CAF66CE1656408E390CFB1F5 39BD841E4BE5FB195A65400E6A26B1AE64C3C388 9DA31620334BD75D9DCB49F368818C72E52529D4 E162F504A20CDF15827F718D4B7C549A058F8B6B E58830201F7DD82CD808AA84160D26BB1785BA38 F5679A222C647C87527C2F8CB00A0BD1E2C63C11 > /etc/apt/keyrings/mongodb.gpg Setup the apt sources.list: $ echo 'deb [ signed-by=/etc/apt/keyrings/mongodb.gpg ] http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/testing multiverse' > '/etc/apt/sources.list.d/mongodb-org.list' $ # also the regular repo for other deps like mongo-org-shell $ echo 'deb [ signed-by=/etc/apt/keyrings/mongodb.gpg ] http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 multiverse' > '/etc/apt/sources.list.d/mongodb-7.0.list' Try to apt-get update: $ apt-get update Get:1 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB] ... Get:22 http://security.ubuntu.com/ubuntu jammy-security/restricted amd64 Packages [1059 kB] Get:23 http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 Release.gpg [866 B] Get:24 http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/testing Release.gpg [866 B] Ign:24 http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/testing Release.gpg Get:25 http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0/multiverse amd64 Packages [10.8 kB] Reading package lists... W: GPG error: http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/testing Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 81B0EBBBADCEA95C E: The repository 'http://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/testing Release' is not signed. With the same error for focal/mongodg-org/testing: W: GPG error: http://repo.mongodb.org/apt/ubuntu focal/mongodb-org/testing Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 81B0EBBBADCEA95C
    • 1

      The apt signing key for https://repo.mongodb.org/apt/ubuntu/dists/jammy/mongodb-org/testing has changed with the release of 7.0.2~rc1. This breaks the build 7.0.2~rc1 as well as for other RCs like 6.0.10~rc0 (and 5.0.21~rc0 in the focal suite).

      The ID mentioned by apt when attempting to use the repo does not match any of the keys on https://pgp.mongodb.com/. (81B0EBBBADCEA95C).

            Assignee:
            dylan.richardson@mongodb.com Dylan Richardson
            Reporter:
            joseph.ferguson@docker.com Joseph Ferguson
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: