ekristen
commented
5 years ago Without more, sounds like a networking problem. If you can provide logs that show otherwise please do so.
Closed rgsec closed 5 years ago
ekristen
commented
5 years ago Without more, sounds like a networking problem. If you can provide logs that show otherwise please do so.
rgsec
commented
5 years ago Incomplete due to Failures -- Success: 344, Failure: 196
List of Failures (first 10 only)
NOTE: First failure is generally the root cause.
IMPORTANT: If opening a ticket, please include this information.
- ID: sift-docker-repo
SLS: sift.repos.docker
Run#: 2
Comment: Failed to configure repo 'deb https://apt.dockerproject.org/repo ubuntu-xenial main': Error: key retrieval failed: Executing: /tmp/tmp.SBBO009QuC/gpg.1.sh --keyserverhkp://p80.pool.sks-keyservers.net:80 --logger-fd 1 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D gpgkeys: key 58118E89F3A912897C070ADBF76221572C52609D can't be retrieved gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net gpg: no valid OpenPGP data found. gpg: Total number processed: 0 gpg: keyserver communications error: keyserver helper general error gpg: keyserver communications error: unknown pubkey algorithm gpg: keyserver receive failed: unknown pubkey algorithm
errors:
rgsec
commented
5 years ago I tried to install it on AWS instance, then it is giving this error.
rgsec
commented
5 years ago Just to give some reference, At the start of installation also at the import PGP key step. It was failing with similar error for following command:
Import the PGP Key - gpg --keyserver hkp://pgp.mit.edu:80 --recv-keys 22598A94
But when I removed hkp:// prefix and port 80 from the keyserver path and it imported the PGP key fine:
Import the PGP Key - gpg --keyserver pgp.mit.edu --recv-keys 22598A94
But as the installation progresses, I am not finding anyway to modify the similar command line for pgp key for dockerproject.
ekristen
commented
5 years ago This is an ongoing discussion between a lot of people. With our without hkp and port 80 works for some, others require it. Why, I am not sure yet. The installation process handles pulling the key, you can try and install it manually head of time though and retry.
rgsec
commented
5 years ago I tried pulling the key manually ahead of time. Now it is failing with below error:
Incomplete due to Failures -- Success: 346, Failure: 194
List of Failures (first 10 only)
NOTE: First failure is generally the root cause.
IMPORTANT: If opening a ticket, please include this information.
- ID: autopsy
SLS: sift.packages.autopsy
Run#: 24
Comment: Problem encountered installing package(s). Additional info follows:errors:
ekristen
commented
5 years ago This is an known issue that I'm attempting to reproduce to troubleshoot. See https://github.com/sans-dfir/sift/issues/337
Cl0nex
commented
5 years ago I'm new to sfit. Trying to get SIFT runnning on a t2.large EC2 instance.
I'm using CIS Ubuntu Linux 16.04 LTS Benchmark v1.0.0.6 - Level 1-2ba49cfb-babd-43d3-81f6-3657aeb0f101-ami-015ce07051469d4ab.4 - ami-0f335ce28b726f993 SSD Volume Type: gp2 Size: 80 GiB
Errored out the last three times as follows:
Incomplete due to Failures -- Success: 522, Failure: 20
List of Failures (first 10 only)
NOTE: First failure is generally the root cause.
IMPORTANT: If opening a ticket, please include this information.
- ID: sift-docker-repo
SLS: sift.repos.docker
Run#: 2
Comment: Failed to configure repo 'deb https://apt.dockerproject.org/repo ubuntu-xenial main': Error: key retrieval failed: Executing: /tmp/tmp.nXADsIqK1p/gpg.1.sh --keyserverhkp://p80.pool.sks-keyservers.net:80 --logger-fd 1 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net gpg: keyserver timed out gpg: keyserver receive failed: keyserver error
/tmp/tmpoatz0coe/secring.gpg' created gpg: keyring/tmp/tmpoatz0coe/pubring.gpg' created
gpg: requesting key 86F44E2A from hkp server keyserver.ubuntu.com
gpg: /tmp/tmpoatz0coe/trustdb.gpg: trustdb created
gpg: key 86F44E2A: public key "Launchpad OpenJDK builds (all archs)" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)'This time I tried gpg --keyserver hkp://keyserver.ubuntu.com:11371 --recv-keys 22598A94
Errored out as follows:
Incomplete due to Failures -- Success: 452, Failure: 90
List of Failures (first 10 only)
NOTE: First failure is generally the root cause.
IMPORTANT: If opening a ticket, please include this information.
- ID: sift-docker-repo
SLS: sift.repos.docker
Run#: 2
Comment: Failed to configure repo 'deb https://apt.dockerproject.org/repo ubuntu-xenial main': Error: key retrieval failed: Executing: /tmp/tmp.DiKymb71FD/gpg.1.sh --keyserverhkp://p80.pool.sks-keyservers.net:80 --logger-fd 1 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net gpg: keyserver timed out gpg: keyserver receive failed: keyserver error
/tmp/tmpj16kwwlo/secring.gpg' created gpg: keyring/tmp/tmpj16kwwlo/pubring.gpg' created
gpg: requesting key 10C598B8 from hkp server keyserver.ubuntu.com
gpg: /tmp/tmpj16kwwlo/trustdb.gpg: trustdb created
gpg: key 10C598B8: public key "Launchpad PPA for Google Investigative Forensic Toolkit" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)'/tmp/tmp7_gyv5xs/secring.gpg' created gpg: keyring/tmp/tmp7_gyv5xs/pubring.gpg' created
gpg: requesting key 0744BEC3 from hkp server keyserver.ubuntu.com
gpg: /tmp/tmp7_gyv5xs/trustdb.gpg: trustdb created
gpg: key 0744BEC3: public key "Launchpad PPA for SANS Investigative Forensics Toolkit" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)'/tmp/tmp3v149v1z/secring.gpg' created gpg: keyring/tmp/tmp3v149v1z/pubring.gpg' created
gpg: requesting key F59EAE4D from hkp server keyserver.ubuntu.com
gpg: /tmp/tmp3v149v1z/trustdb.gpg: trustdb created
gpg: key F59EAE4D: public key "Launchpad PPA for NoobsLab" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)'/tmp/tmp0wejl7n0/secring.gpg' created gpg: keyring/tmp/tmp0wejl7n0/pubring.gpg' created
gpg: requesting key F59EAE4D from hkp server keyserver.ubuntu.com
gpg: /tmp/tmp0wejl7n0/trustdb.gpg: trustdb created
gpg: key F59EAE4D: public key "Launchpad PPA for NoobsLab" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)'/tmp/tmp7_t_mgkd/secring.gpg' created gpg: keyring/tmp/tmp7_t_mgkd/pubring.gpg' created
gpg: requesting key 86F44E2A from hkp server keyserver.ubuntu.com
gpg: /tmp/tmp7_t_mgkd/trustdb.gpg: trustdb created
gpg: key 86F44E2A: public key "Launchpad OpenJDK builds (all archs)" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)'Is there a way to get SIFT running on EC2? Would it be an option to provide a pre-build AMI on AWS, that could be simply used on AWS marketplace?
Please adivse?
Thank you for your help.
ekristen
commented
5 years ago Please do not comment on close issues. Please open a new issue.
hkp://p80.pool.sks-keyservers.net:80 --logger-fd 1 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D gpgkeys: key 58118E89F3A912897C070ADBF76221572C52609D can't be retrieved gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net gpg: no valid OpenPGP data found. gpg: Total number processed: 0 gpg: keyserver communications error: keyserver helper general error gpg: keyserver communications error: unknown pubkey algorithm gpg: keyserver receive failed: unknown pubkey algorithm
errors: