尝试使用下载 Django 源包dget和.dsc文件这里。
然后 dget 无法验证来源,因为它缺少公钥。
$ dget https://launchpad.net/ubuntu...
[...]
dscverify: python-django_1.4.1-2.dsc failed signature check:
gpg: Signature made Tue 21 Aug 2012 09:12:04 CEST using RSA key ID F2AC729A
gpg: Can't check signature: public key not found
Validation FAILED!!
好的,我将这把钥匙添加到我的钥匙环中,因为我认为我可以信任它:
$ gpg --keyserver keyserver.ubuntu.com --recv-key 0xF2AC729A
gpg: requesting key F2AC729A from hkp server keyserver.ubuntu.com
gpg: key F2AC729A: "Raphaël Hertzog <[email protected]>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
(好吧,这个输出是在之后运行的,当时它已经在我的密钥环中了)
它确实存在:
$ gpg --fingerprint F2AC729A
pub 4096R/F2AC729A 2009-05-07
Key fingerprint = 3E4F B711 7877 F589 DBCF 06D6 E619 045D F2AC 729A
uid Raphaël Hertzog <[email protected]>
uid Raphaël Hertzog (Debian) <[email protected]>
uid Raphaël Hertzog (Freexian SARL) <[email protected]>
sub 2048R/71F23DEE 2009-05-07
但由于同样的原因仍然失败:
gpg: Signature made Tue 21 Aug 2012 09:12:04 CEST using RSA key ID F2AC729A
gpg: Can't check signature: public key not found
我以普通用户身份运行所有这些命令。我还尝试将此密钥添加到 APT 的密钥环和 root 的密钥环中。但都无济于事。
我在这里遗漏了什么?
答案1
我遇到了和你同样的问题,在查看了手册页后,dscverify我找到了解决方案:
将以下行添加到您的~/.devscripts:
DSCVERIFY_KEYRINGS="/etc/apt/trusted.gpg:~/.gnupg/pubring.gpg"
答案2
您可以反转文件并使用 /etc/devscripts.conf:
DSCVERIFY_KEYRINGS="~/.gnupg/pubring.gpg:/etc/apt/trusted.gpg"