search

bitcoin-core / bitcoincore.org

Bitcoin Core project website
https://bitcoincore.org/
MIT License
620 stars 476 forks source link

Issue importing signing key on MacOS #667

Closed justinmoon closed 5 years ago

justinmoon commented 5 years ago

I'm teaching a class about using walllets this week. Multiple people have encountered an issue with steps 6 & 7 of the MacOS instructions:

$ gpg --recv-keys 01EA5486DE18A882D4C2684590C8019E36C2E964
gpg: key 90C8019E36C2E964: new key but contains no user ID - skipped
gpg: Total number processed: 1
gpg:           w/o user IDs: 1

$ gpg --verify SHA256SUMS.asc
gpg: Signature made Fri Aug  9 16:08:43 2019 KST
gpg:                using RSA key 90C8019E36C2E964
gpg: Can't check signature: No public key

I don't know exactly what this new key but contains no user ID means, and don't own a Mac to attempt to debug it.

We've fixed it by using ubuntu's keyserver:

gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 01EA5486DE18A882D4C2684590C8019E36C2E964
watwood commented 5 years ago

Cool. How can I attend?

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Monday, August 26, 2019 2:17 PM, Justin Moon notifications@github.com wrote:

I'm teaching a class about using walllets this week. Multiple people have encountered an issue with steps 6 & 7 of the MacOS instructions:

$ gpg --recv-keys 01EA5486DE18A882D4C2684590C8019E36C2E964 gpg: key 90C8019E36C2E964: new key but contains no user ID - skipped gpg: Total number processed: 1 gpg: w/o user IDs: 1

$ gpg --verify SHA256SUMS.asc gpg: Signature made Fri Aug 9 16:08:43 2019 KST gpg: using RSA key 90C8019E36C2E964 gpg: Can't check signature: No public key

I don't know exactly what this new key but contains no user ID means, and don't own a Mac to attempt to debug it.

We've fixed it by using ubuntu's keyserver:

gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 01EA5486DE18A882D4C2684590C8019E36C2E964

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or mute the thread.

justinmoon commented 5 years ago

@watwood https://hodlbootcamp.com

harding commented 5 years ago

@justinmoon would you be able to get them to re-run the command with the --verbose flag and provide the output? Also the output of gpg --version (I don't have a mac either, but with that info, I can perhaps try replicating using the same settings/software on Linux).

bblastie commented 5 years ago

Hi @harding - I ran those two commands for you here. I was able to import the key with the fix Justin mentioned.

~/Downloads> gpg --version gpg (GnuPG/MacGPG2) 2.2.17 libgcrypt 1.8.4

gpg --verbose --recv-keys 01EA5486DE18A882D4C2684590C8019E36C2E964 gpg: data source: https://keys.openpgp.org:443 gpg: pub rsa4096/90C8019E36C2E964 2015-06-24 gpg: key 90C8019E36C2E964: "Wladimir J. van der Laan (Bitcoin Core binary release signing key) <laanwj@gmail.com>" not changed gpg: Total number processed: 1 gpg: unchanged: 1

maflcko commented 5 years ago

We've fixed it by using ubuntu's keyserver:

I've seen (maybe other) failures on the default keyserver, so I switched our ci system to use the ubuntu keyserver as well FWIW

https://github.com/bitcoin/bitcoin/blob/367b023ae444e7d9641c4a3469f9154461e50e68/ci/lint/06_script.sh#L23

harding commented 5 years ago

@blackblastie Thanks!

@MarcoFalke good to know. I'll update our instructions.