search

teamdfir / sift

SIFT
MIT License
483 stars 67 forks source link

SIFT on EC2 (CIS Ubuntu Linux 16.04 LTS Benchmark v1.0.0.6 - Level 1) #356

Closed Cl0nex closed 5 years ago

Cl0nex commented 5 years ago

I'm new to sift. Trying to get SIFT runnning on a t2.large EC2 instance.

I'm using CIS Ubuntu Linux 16.04 LTS Benchmark v1.0.0.6 - Level 1-2ba49cfb-babd-43d3-81f6-3657aeb0f101-ami-015ce07051469d4ab.4 - ami-0f335ce28b726f993 SSD Volume Type: gp2 Size: 80 GiB

Errored out the last three times as follows:

Incomplete due to Failures -- Success: 522, Failure: 20

            List of Failures (first 10 only)

NOTE: First failure is generally the root cause.

IMPORTANT: If opening a ticket, please include this information.

hkp://p80.pool.sks-keyservers.net:80 --logger-fd 1 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net gpg: keyserver timed out gpg: keyserver receive failed: keyserver error

This time I tried gpg --keyserver hkp://keyserver.ubuntu.com:11371 --recv-keys 22598A94

Errored out as follows:

    Incomplete due to Failures -- Success: 452, Failure: 90

            List of Failures (first 10 only)

NOTE: First failure is generally the root cause.

IMPORTANT: If opening a ticket, please include this information.

hkp://p80.pool.sks-keyservers.net:80 --logger-fd 1 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net gpg: keyserver timed out gpg: keyserver receive failed: keyserver error

Is there a way to get SIFT running on EC2? Would it be an option to provide a pre-build AMI on AWS, that could be simply used on AWS marketplace?

Please adivse?

Thank you for your help.

ekristen commented 5 years ago

There is no official AMI at this time.

I would need the log from the command line tool to be able to troubleshoot further.

Generally it’s an environmental issue that causes sift installation failures. It’s also not designed for a sever install only desktop at this time. Efforts are being made for server only

Cl0nex commented 5 years ago

Thanks for the feedback. I'm aware of the fact that's not designed for a sever install only desktop. That's why I’ve chosen to install it on top of (CIS Ubuntu Linux 16.04 LTS Benchmark v1.0.0.6 - Level 1), which is not a server OS. Would that case any troubles? What exact logs do you need to troubleshoot further? Thank you for your help.

Cl0nex commented 5 years ago

Just to be specific. You are most probably more interested in the logs from the first install which errored out with "Incomplete due to Failures -- Success: 522, Failure: 20" instead of the last one that resulted in "Incomplete due to Failures -- Success: 452, Failure: 90", right?

ekristen commented 5 years ago

The CLI tells you where the log file is. I’ll need that to look into this further.

Sent from my iPhone

On Mar 3, 2019, at 17:52, Cl0nex notifications@github.com wrote:

Just to be specific. You are most probably more interested in the logs from the first install which errored out with "Incomplete due to Failures -- Success: 522, Failure: 20" instead of the last that one that resulted in "Incomplete due to Failures -- Success: 452, Failure: 90", right?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.

Cl0nex commented 5 years ago

Maybe I'm blind but the below error does not specify a log file, does it? Which log file are you interested in?

Incomplete due to Failures -- Success: 452, Failure: 90

List of Failures (first 10 only)

 NOTE: First failure is generally the root cause.

 IMPORTANT: If opening a ticket, please include this information.

  - ID: sift-docker-repo
    SLS: sift.repos.docker
    Run#: 2
    Comment: Failed to configure repo 'deb https://apt.dockerproject.org/repo ubuntu-xenial main': Error: key retrieval failed: Executing: /tmp/tmp.EDRDHIu5dk/gpg.1.sh --keyserver

hkp://p80.pool.sks-keyservers.net:80 --logger-fd 1 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net gpg: keyserver timed out gpg: keyserver receive failed: keyserver error

ekristen commented 5 years ago

There is more output from the CLI, including version and some other stuff to include log file path.

Cl0nex commented 5 years ago

$ sudo sift install

sift-cli@1.7.1-master.f1177e4 sift-version: notinstalled

Installing and configuring SaltStack properly ...

downloading v2019.06.0

downloading sift-saltstack-v2019.06.0.tar.gz.asc downloading sift-saltstack-v2019.06.0.tar.gz.sha256 downloading sift-saltstack-v2019.06.0.tar.gz.sha256.asc downloading sift-saltstack-v2019.06.0.tar.gz validating file sift-saltstack-v2019.06.0.tar.gz validating signature for sift-saltstack-v2019.06.0.tar.gz.sha256 extracting update sift-saltstack-v2019.06.0.tar.gz performing update v2019.06.0 Log file: /var/cache/sift/cli/v2019.06.0/saltstack.log

Completed: python-software-properties (Took: 725189.334 ms) Completed: apt-transport-https (Took: 926.683 ms) Completed: deb https://apt.dockerproject.org/repo ubuntu-xenial main (Took: 120749.06 ms) Completed: sift-gift-dev (Took: 865.702 ms) Completed: gift (Took: 513977.613 ms) Completed: /etc/apt/preferences.d/gift (Took: 13.685 ms) Completed: sift-dev (Took: 808.905 ms) Completed: sift-repo (Took: 513322.257 ms) Completed: /etc/apt/preferences.d/sift (Took: 3.532 ms) Completed: software-properties-common (Took: 5.971 ms) Completed: noobslab-themes (Took: 512883.458 ms) Completed: noobslab-icons (Took: 512935.868 ms) Completed: openjdk-repo (Took: 513184.956 ms) Completed: deb http://archive.ubuntu.com/ubuntu/ xenial multiverse (Took: 723837.452 ms) Completed: deb http://archive.ubuntu.com/ubuntu/ xenial-security multiverse (Took: 724466.454 ms) Completed: deb http://archive.ubuntu.com/ubuntu/ xenial universe (Took: 724741.467 ms) Completed: ubuntutweak (Took: 0.446 ms) Completed: binplist (Took: 10.797 ms) Completed: unity-webapps-common (Took: 10.039 ms) Completed: aeskeyfind (Took: 2745.479 ms) Completed: afflib-tools (Took: 3972.386 ms) Completed: afterglow (Took: 3897.592 ms) Completed: aircrack-ng (Took: 4926.428 ms) Completed: apache2 (Took: 8135.756 ms) Completed: arp-scan (Took: 6019.978 ms) Completed: autopsy (Took: 17459.078 ms) Completed: bcrypt (Took: 3764.335 ms) Completed: bkhive (Took: 3827.509 ms) Completed: bless (Took: 17901.119 ms) Completed: blt (Took: 4273.091 ms) Completed: build-essential (Took: 14275.086 ms) Completed: cabextract (Took: 3731.383 ms) Completed: ccrypt (Took: 3675.579 ms) Completed: cifs-utils (Took: 7899.314 ms) Completed: clamav (Took: 6605.692 ms) Completed: cmospwd (Took: 3700.976 ms) Completed: cryptcat (Took: 3612.378 ms) Completed: cryptsetup (Took: 984.888 ms) Completed: curl (Took: 5.732 ms) Completed: dc3dd (Took: 2830.176 ms) Completed: dcfldd (Took: 3623.151 ms) Completed: dconf-tools (Took: 13549.02 ms) Completed: driftnet (Took: 3788.552 ms) Completed: dsniff (Took: 4330.267 ms) Completed: e2fslibs-dev (Took: 4490.311 ms) Completed: ent (Took: 3682.029 ms) Completed: epic5 (Took: 3789.168 ms) Completed: etherape (Took: 7424.341 ms) Completed: ettercap-graphical (Took: 4339.382 ms) Completed: exfat-fuse (Took: 3898.141 ms) Completed: exfat-utils (Took: 980.568 ms) Completed: exif (Took: 2852.712 ms) Completed: extundelete (Took: 3707.597 ms) Completed: fdupes (Took: 3675.972 ms) Completed: feh (Took: 4370.284 ms) Completed: flasm (Took: 4225.611 ms) Completed: flex (Took: 4031.159 ms) Completed: foremost (Took: 3765.388 ms) Completed: g++ (Took: 987.529 ms) Completed: gawk (Took: 5.591 ms) Completed: gcc (Took: 5.437 ms) Completed: gdb (Took: 4176.186 ms) Completed: gddrescue (Took: 3928.355 ms) Completed: ghex (Took: 4266.569 ms) Completed: git (Took: 977.088 ms) Completed: graphviz (Took: 4053.873 ms) Completed: grepcidr (Took: 3702.102 ms) Completed: gthumb (Took: 20392.472 ms) Completed: gzrt (Took: 3822.913 ms) Completed: hexedit (Took: 3857.75 ms) Completed: htop (Took: 3750.257 ms) Completed: hydra (Took: 5011.05 ms) Completed: hydra-gtk (Took: 3884.215 ms) Completed: ipython (Took: 6284.46 ms) Completed: jq (Took: 3860.389 ms) Completed: kdiff3 (Took: 53326.73 ms) Completed: knocker (Took: 3886.734 ms) Completed: kpartx (Took: 3783.895 ms) Completed: lft (Took: 3878.736 ms) Completed: libafflib-dev (Took: 3681.907 ms) Completed: libafflib0v5 (Took: 979.186 ms) Completed: libfuse-dev (Took: 4088.576 ms) Completed: libncurses5-dev (Took: 3986.662 ms) Completed: libnet1 (Took: 973.599 ms) Completed: libparse-win32registry-perl (Took: 3328.843 ms) Completed: libssl-dev (Took: 5550.048 ms) Completed: libtext-csv-perl (Took: 4660.0 ms) Completed: libxml2-dev (Took: 6165.156 ms) Completed: libxslt-dev (Took: 4755.135 ms) Completed: md5deep (Took: 4146.994 ms) Completed: nbd-client (Took: 9335.769 ms) Completed: nbtscan (Took: 3806.757 ms) Completed: netcat (Took: 976.947 ms) Completed: netpbm (Took: 6466.754 ms) Completed: netsed (Took: 3852.81 ms) Completed: netwox (Took: 5695.753 ms) Completed: nfdump (Took: 4941.62 ms) Completed: ngrep (Took: 3803.712 ms) Completed: nikto (Took: 4876.511 ms) Completed: okular (Took: 6077.801 ms) Completed: open-iscsi (Took: 977.391 ms) Completed: ophcrack (Took: 3266.239 ms) Completed: ophcrack-cli (Took: 3864.378 ms) Completed: outguess (Took: 3875.004 ms) Completed: p0f (Took: 3904.521 ms) Completed: p7zip-full (Took: 4065.093 ms) Completed: pdftk (Took: 6905.887 ms) Completed: perl (Took: 980.968 ms) Running: perl -MCPAN -e 'my $c = "CPAN::HandleConfig"; $c->load(doit => 1, autoconfig => 1); $c->edit(prerequisites_>> Completed: perl -MCPAN -e 'my $c = "CPAN::HandleConfig"; $c->load(doit => 1, autoconfig => 1); $c->edit(prerequisites_policy => "follow"); $c->edit(build_requires_install_policy => "yes"); $c->commit' (Took: 0.503 ms) Completed: pev (Took: 2886.118 ms) Completed: phonon (Took: 989.871 ms) Completed: pkg-config (Took: 2903.545 ms) Completed: python-plaso (Took: 983.443 ms) Completed: python-dfvfs (Took: 10.555 ms) Completed: python (Took: 8.449 ms) Completed: python3-xlsxwriter (Took: 10.178 ms) Completed: python-xlsxwriter (Took: 3793.432 ms) Completed: /var/cache/sift/archives/powershell_6.0.0-alpha.13-1ubuntu1.16.04.1_amd64.deb (Took: 1162.2 ms) Completed: sift-powershell (Took: 7107.425 ms) Completed: pv (Took: 3944.169 ms) Completed: pyew (Took: 4239.977 ms) Completed: python-dev (Took: 6512.876 ms) Completed: python-fuse (Took: 3745.385 ms) Completed: python-nids (Took: 3675.672 ms) Completed: python-pefile (Took: 8707.808 ms) Completed: python-pip (Took: 7280.647 ms) Completed: pytsk3 (Took: 982.495 ms) Completed: python-pytsk3 (Took: 5315.197 ms) Completed: python-qt4 (Took: 5372.275 ms) Completed: python-tk (Took: 3696.952 ms) Completed: python-virtualenv (Took: 4509.304 ms) Completed: colorama (Took: 171416.396 ms) Completed: construct (Took: 172003.382 ms) Completed: dpapick (Took: 273627.182 ms) Completed: distorm3 (Took: 172977.602 ms) Completed: haystack (Took: 249124.038 ms) Completed: lxml (Took: 172495.793 ms) Completed: ioc_writer (Took: 172008.986 ms) Completed: pefile (Took: 53655.241 ms) Completed: pycoin (Took: 172175.154 ms) Completed: pysocks (Took: 172039.772 ms) Completed: simplejson (Took: 173021.27 ms) Completed: yara-python (Took: 180086.412 ms) Completed: python-yara (Took: 3107.713 ms) Completed: python3 (Took: 991.265 ms) Completed: python3-pip (Took: 8030.222 ms) Completed: qemu (Took: 13138.062 ms) Completed: qemu-utils (Took: 1065.614 ms) Completed: radare2 (Took: 4550.769 ms) Completed: rar (Took: 3987.865 ms) Completed: readpst (Took: 4314.713 ms) Completed: rsakeyfind (Took: 3886.651 ms) Completed: safecopy (Took: 4012.946 ms) Completed: samba (Took: 8419.847 ms) Completed: samdump2 (Took: 989.733 ms) Completed: scalpel (Took: 3066.598 ms) Completed: sleuthkit (Took: 346.439 ms) Completed: socat (Took: 3900.064 ms) Completed: ssdeep (Took: 3915.001 ms) Completed: ssldump (Took: 4086.079 ms) Completed: sslsniff (Took: 4053.576 ms) Completed: stunnel4 (Took: 4645.815 ms) Completed: system-config-samba (Took: 6275.966 ms) Completed: tcl (Took: 4162.582 ms) Completed: tcpflow (Took: 4074.533 ms) Completed: tcpick (Took: 3904.398 ms) Completed: tcpreplay (Took: 3918.184 ms) Completed: tcpslice (Took: 3904.496 ms) Completed: tcpstat (Took: 4038.662 ms) Completed: tcptrace (Took: 4246.101 ms) Completed: tcptrack (Took: 3908.065 ms) Completed: tcpxtract (Took: 3909.702 ms) Completed: testdisk (Took: 4049.058 ms) Completed: tofrodos (Took: 3890.74 ms) Completed: transmission (Took: 4992.163 ms) Completed: unity-control-center (Took: 34477.639 ms) Completed: unrar (Took: 4034.844 ms) Completed: upx-ucl (Took: 4144.278 ms) Completed: vbindiff (Took: 3937.852 ms) Completed: vim (Took: 986.656 ms) Completed: virtuoso-minimal (Took: 4258.505 ms) Completed: vmfs-tools (Took: 3941.666 ms) Completed: winbind (Took: 5284.954 ms) Completed: dpkg --add-architecture i386 (Took: 658.341 ms) Completed: sift-wine-apt-update (Took: 1498495.841 ms) Completed: wine (Took: 48136.202 ms) Completed: wireshark (Took: 20093.211 ms) Completed: xdot (Took: 5266.463 ms) Completed: xfsprogs (Took: 1073.27 ms) Completed: xpdf (Took: 5090.586 ms) Completed: zenity (Took: 990.425 ms) Completed: git+https://github.com/dkovar/analyzeMFT.git@64c71d7c8905a119b7abdf9813e6ef5f11d3ccf1 (Took: 27705.512 ms) Completed: git+https://github.com/mbevilacqua/appcompatprocessor.git@46ba76a73fcf71640f2a6e9db02afaaac3e178b9 (Took: 180110.785 ms) Completed: argparse (Took: 81174.115 ms) Completed: bitstring (Took: 172482.554 ms) Completed: docopt (Took: 172411.806 ms) Completed: geoip2 (Took: 188165.09 ms) Completed: machinae (Took: 354324.985 ms) Completed: pip==9.0.1 (Took: 274633.565 ms) Completed: python-dateutil >= 2.4.2 (Took: 168853.902 ms) Completed: python-evtx (Took: 352954.007 ms) Completed: python-magic (Took: 168863.33 ms) Completed: python-registry (Took: 52160.402 ms) Completed: setuptools (Took: 270966.822 ms) Completed: wheel (Took: 269775.154 ms) Completed: /opt/rekall (Took: 396047.094 ms) Completed: rekall (Took: 2100.84 ms) Completed: /usr/local/bin/rekall (Took: 32.999 ms) Completed: six (Took: 52170.209 ms) Completed: stix (Took: 231322.57 ms) Completed: stix-validator (Took: 200707.198 ms) Completed: unicodecsv (Took: 169393.967 ms) Completed: usnparser (Took: 169400.701 ms) Completed: virustotal-api (Took: 168918.576 ms) Completed: windowsprefetch (Took: 169395.049 ms) Completed: /usr/local/src/densityscout/densityscout_build_45_linux (Took: 1391.08 ms) Completed: /usr/local/bin/densityscout-build-45 (Took: 1.126 ms) Completed: /usr/local/bin/densityscout (Took: 33.112 ms) Completed: sift-tools (Took: 0.412 ms) Completed: https://github.com/cheeky4n6monkey/4n6-scripts.git (Took: 2489.852 ms) Completed: /usr/local/bin/WP8_AppPerms.py (Took: 1.642 ms) Completed: /usr/local/bin/bing-bar-parser.pl (Took: 1.551 ms) Completed: /usr/local/bin/chunkymonkey.py (Took: 1.457 ms) Completed: /usr/local/bin/dextract.def (Took: 1.383 ms) Completed: /usr/local/bin/dextract.py (Took: 1.371 ms) Completed: /usr/local/bin/docx-font-extractor.pl (Took: 1.405 ms) Completed: /usr/local/bin/exif2map.pl (Took: 1.502 ms) Completed: /usr/local/bin/fbmsg-extractor.py (Took: 1.382 ms) Completed: /usr/local/bin/gis4cookie.pl (Took: 1.447 ms) Completed: /usr/local/bin/google-ei-time.py (Took: 1.458 ms) Completed: /usr/local/bin/imgcache-parse-mod.py (Took: 1.424 ms) Completed: /usr/local/bin/imgcache-parse.py (Took: 1.514 ms) Completed: /usr/local/bin/json-printer.pl (Took: 1.395 ms) Completed: /usr/local/bin/msoffice-pic-extractor.py (Took: 1.4 ms) Completed: /usr/local/bin/plist2db.py (Took: 1.363 ms) Completed: /usr/local/bin/print_apk_perms.py (Took: 1.526 ms) Completed: /usr/local/bin/s2-cellid2latlong.py (Took: 1.519 ms) Completed: /usr/local/bin/s2-latlong2cellid.py (Took: 1.399 ms) Completed: /usr/local/bin/sms-grep-sample-config.txt (Took: 1.383 ms) Completed: /usr/local/bin/sms-grep.pl (Took: 1.383 ms) Completed: /usr/local/bin/sqlite-base64-decode.py (Took: 1.426 ms) Completed: /usr/local/bin/sqlite-blob-dumper.py (Took: 1.501 ms) Completed: /usr/local/bin/sqlite-parser.pl (Took: 1.401 ms) Completed: /usr/local/bin/squirrelgripper-README.txt (Took: 1.404 ms) Completed: /usr/local/bin/squirrelgripper.pl (Took: 1.409 ms) Completed: /usr/local/bin/timediff32.pl (Took: 1.385 ms) Completed: /usr/local/bin/vmail-db-2-html.pl (Took: 1.546 ms) Completed: /usr/local/bin/wp8-1-callhistory.py (Took: 1.467 ms) Completed: /usr/local/bin/wp8-1-contacts.py (Took: 1.408 ms) Completed: /usr/local/bin/wp8-1-mms-filesort.py (Took: 1.401 ms) Completed: /usr/local/bin/wp8-1-mms.py (Took: 1.415 ms) Completed: /usr/local/bin/wp8-1-sms.py (Took: 1.533 ms) Completed: /usr/local/bin/wp8-callhistory.py (Took: 1.415 ms) Completed: /usr/local/bin/wp8-contacts.py (Took: 1.362 ms) Completed: /usr/local/bin/wp8-fb-msg.py (Took: 1.405 ms) Completed: /usr/local/bin/wp8-sha256-pin-finder.py (Took: 1.41 ms) Completed: /usr/local/bin/wp8-sms.py (Took: 1.504 ms) Completed: /usr/local/bin/wwf-chat-parser.py (Took: 1.399 ms) Completed: /usr/local/bin/amcache.py (Took: 131.589 ms) Completed: /usr/local/bin/amcache.py (Took: 3.835 ms) Completed: /usr/local/bin/dump-mft-entry.pl (Took: 93.106 ms) Completed: /usr/local/bin/dump-mft-entry.pl (Took: 1.712 ms) Completed: /usr/local/bin/imageMounter.py (Took: 157.156 ms) Completed: /usr/local/bin/idx_parser.py (Took: 115.365 ms) Completed: /usr/local/bin/jobparser.py (Took: 123.522 ms) Completed: https://github.com/keydet89/Tools.git (Took: 2817.175 ms) Completed: /usr/local/bin/bodyfile.pl (Took: 8.72 ms) Completed: /usr/local/bin/bodyfile.pl (Took: 2.077 ms) Completed: /usr/local/bin/evtparse.pl (Took: 1.416 ms) Completed: /usr/local/bin/evtparse.pl (Took: 2.33 ms) Completed: /usr/local/bin/evtrpt.pl (Took: 1.373 ms) Completed: /usr/local/bin/evtrpt.pl (Took: 2.177 ms) Completed: /usr/local/bin/evtxparse.pl (Took: 1.459 ms) Completed: /usr/local/bin/evtxparse.pl (Took: 1.883 ms) Completed: /usr/local/bin/fb.pl (Took: 1.488 ms) Completed: /usr/local/bin/fb.pl (Took: 1.859 ms) Completed: /usr/local/bin/ff.pl (Took: 1.496 ms) Completed: /usr/local/bin/ff.pl (Took: 1.965 ms) Completed: /usr/local/bin/ff_signons.pl (Took: 1.533 ms) Completed: /usr/local/bin/ff_signons.pl (Took: 2.06 ms) Completed: /usr/local/bin/ftkparse.pl (Took: 1.505 ms) Completed: /usr/local/bin/ftkparse.pl (Took: 1.784 ms) Completed: /usr/local/bin/idx.pl (Took: 1.394 ms) Completed: /usr/local/bin/idx.pl (Took: 2.785 ms) Completed: /usr/local/bin/idxparse.pl (Took: 1.379 ms) Completed: /usr/local/bin/idxparse.pl (Took: 2.547 ms) Completed: /usr/local/bin/jl.pl (Took: 1.377 ms) Completed: /usr/local/bin/jl.pl (Took: 1.964 ms) Completed: /usr/local/bin/jobparse.pl (Took: 1.464 ms) Completed: /usr/local/bin/jobparse.pl (Took: 2.349 ms) Completed: /usr/local/bin/lfle.pl (Took: 1.448 ms) Completed: /usr/local/bin/lfle.pl (Took: 2.526 ms) Completed: /usr/local/bin/lnk.pl (Took: 1.452 ms) Completed: /usr/local/bin/lnk.pl (Took: 1.942 ms) Completed: /usr/local/bin/mft.pl (Took: 1.475 ms) Completed: /usr/local/bin/mft.pl (Took: 3.16 ms) Completed: /usr/local/bin/parse.pl (Took: 1.475 ms) Completed: /usr/local/bin/parse.pl (Took: 2.124 ms) Completed: /usr/local/bin/parsei30.pl (Took: 1.375 ms) Completed: /usr/local/bin/parsei30.pl (Took: 2.01 ms) Completed: /usr/local/bin/parseie.pl (Took: 1.405 ms) Completed: /usr/local/bin/parseie.pl (Took: 2.359 ms) Completed: /usr/local/bin/pie.pl (Took: 1.475 ms) Completed: /usr/local/bin/pie.pl (Took: 2.207 ms) Completed: /usr/local/bin/pref.pl (Took: 1.468 ms) Completed: /usr/local/bin/pref.pl (Took: 2.023 ms) Completed: /usr/local/bin/rawie.pl (Took: 1.363 ms) Completed: /usr/local/bin/rawie.pl (Took: 2.218 ms) Completed: /usr/local/bin/recbin.pl (Took: 1.348 ms) Completed: /usr/local/bin/recbin.pl (Took: 2.295 ms) Completed: /usr/local/bin/regslack.pl (Took: 1.399 ms) Completed: /usr/local/bin/regslack.pl (Took: 2.75 ms) Completed: /usr/local/bin/regtime.pl (Took: 1.37 ms) Completed: /usr/local/bin/regtime.pl (Took: 1.775 ms) Completed: /usr/local/bin/rfc.pl (Took: 1.444 ms) Completed: /usr/local/bin/rfc.pl (Took: 1.538 ms) Completed: /usr/local/bin/rlo.pl (Took: 1.372 ms) Completed: /usr/local/bin/rlo.pl (Took: 1.892 ms) Completed: /usr/local/bin/tln.pl (Took: 1.339 ms) Completed: /usr/local/bin/tln.pl (Took: 2.208 ms) Completed: /usr/local/bin/usnj.pl (Took: 1.36 ms) Completed: /usr/local/bin/usnj.pl (Took: 2.318 ms) Completed: /usr/local/bin/packerid.py (Took: 162.038 ms) Completed: /usr/local/bin/packerid.py (Took: 2.608 ms) Completed: /usr/local/bin (Took: 106.278 ms) Completed: /usr/local/bin/parseusn.py (Took: 130.509 ms) Completed: /usr/local/bin (Took: 65.45 ms) Completed: /usr/local/bin/pecarve.py (Took: 124.561 ms) Completed: /usr/local/bin/pecarve.py (Took: 2.407 ms) Completed: git+https://github.com/jtpereyda/libdasm.git@68d61b1#egg=version_subpkg&subdirectory=pydasm (Took: 80010.971 ms) Completed: /usr/local/bin/pescanner.py (Took: 107.898 ms) Completed: https://github.com/keydet89/RegRipper2.8.git (Took: 2915.338 ms) Completed: /usr/share/regripper (Took: 3.638 ms) Completed: /usr/share/regripper/rip.pl (Took: 4.827 ms) Completed: /usr/share/regripper/plugins (Took: 5.297 ms) Completed: /usr/local/bin/rip.pl (Took: 31.758 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "All" | cut -f1 -d: | xargs -n1 -I{} basen>> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "All" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/all (Took: 0.449 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "All" | cut -f1 -d: | xargs -n1 -I{} basen>> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "All" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/all (Took: 317.511 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "NTUSER" | cut -f1 -d: | xargs -n1 -I{} ba>> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "NTUSER" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/ntuser (Took: 0.536 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "NTUSER" | cut -f1 -d: | xargs -n1 -I{} ba>> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "NTUSER" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/ntuser (Took: 407.733 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "USRCLASS" | cut -f1 -d: | xargs -n1 -I{} >> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "USRCLASS" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/usrclass (Took: 0.559 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "USRCLASS" | cut -f1 -d: | xargs -n1 -I{} >> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "USRCLASS" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/usrclass (Took: 313.587 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "SAM" | cut -f1 -d: | xargs -n1 -I{} basen>> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "SAM" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/sam (Took: 0.543 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "SAM" | cut -f1 -d: | xargs -n1 -I{} basen>> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "SAM" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/sam (Took: 311.375 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "Security" | cut -f1 -d: | xargs -n1 -I{} >> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "Security" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/security (Took: 0.62 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "Security" | cut -f1 -d: | xargs -n1 -I{} >> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "Security" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/security (Took: 311.767 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "Software" | cut -f1 -d: | xargs -n1 -I{} >> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "Software" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/software (Took: 0.589 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "Software" | cut -f1 -d: | xargs -n1 -I{} >> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "Software" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/software (Took: 372.017 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "System" | cut -f1 -d: | xargs -n1 -I{} ba>> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "System" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/system (Took: 0.653 ms) Running: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "System" | cut -f1 -d: | xargs -n1 -I{} ba>> Completed: grep -R "my %config = (hive" /usr/share/regripper/plugins | grep "System" | cut -f1 -d: | xargs -n1 -I{} basename {} | sed 's/.pl$//' > /usr/share/regripper/plugins/system (Took: 356.16 ms) Completed: /usr/local/bin/set-display-scale (Took: 5.118 ms) Completed: /usr/local/bin/ShimCacheParser.py (Took: 128.825 ms) Completed: /usr/local/bin/ShimCacheParser.py (Took: 4.289 ms) Completed: /usr/share/sift/resources (Took: 1.456 ms) Completed: /usr/share/sift/images (Took: 0.967 ms) Completed: /usr/share/sift/audio (Took: 0.971 ms) Completed: /usr/share/sift/other (Took: 0.955 ms) Completed: /usr/share/sift/scripts (Took: 0.93 ms) Completed: /usr/share/sift (Took: 315.302 ms) Completed: /usr/share/tsk/sorter (Took: 4.497 ms) Completed: /usr/share/tsk/sorter (Took: 60.571 ms) Completed: /usr/local/bin/fun_stuff.pl (Took: 96.608 ms) Completed: /usr/local/bin/sqlite_miner.pl (Took: 94.879 ms) Completed: /usr/local/bin/sqlite_miner.pl (Took: 4.21 ms) Completed: /usr/local/bin/sqlparser.py (Took: 275.127 ms) Completed: /usr/local/bin/sqlparser.py (Took: 2.306 ms) Completed: /usr/local/bin/usbdeviceforensics.py (Took: 101.933 ms) Completed: /usr/local/bin/usbdeviceforensics.py (Took: 4.841 ms) Completed: /usr/local/src/virustotal-search-v0.1.4 (Took: 419.527 ms) Completed: /usr/local/bin/virustotal-search.py (Took: 30.781 ms) Completed: /usr/local/src/virustotal-submit-v0.0.3 (Took: 341.378 ms) Completed: /usr/local/bin/virustotal-submit.py (Took: 33.068 ms) Completed: /etc/hostname (Took: 4.296 ms) Completed: hostnamectl set-hostname siftworkstation (Took: 658.062 ms) Completed: siftworkstation (Took: 2.589 ms) Completed: ubuntu (Took: 7.029 ms) Completed: /home/ubuntu/.bash_aliases (Took: 1.341 ms) Completed: /home/ubuntu/.bash_aliases (Took: 2.01 ms) Completed: /root/.bash_aliases (Took: 1.208 ms) Completed: /home/ubuntu/.bashrc (Took: 1.779 ms) Completed: /home/ubuntu/.bashrc (Took: 1.746 ms) Completed: /home/ubuntu/.bashrc (Took: 3.53 ms) Completed: /home/ubuntu/.bashrc (Took: 1.693 ms) Completed: /root/.bashrc (Took: 1.407 ms) Completed: /root/.bashrc (Took: 3.289 ms) Completed: /root/.bashrc (Took: 1.358 ms) Completed: /home/ubuntu/.config/autostart (Took: 1.704 ms) Completed: /home/ubuntu/Desktop/Network-Forensics-Poster.pdf (Took: 602.959 ms) Completed: /home/ubuntu/Desktop/DFIR-Threat-Intel-Poster.pdf (Took: 584.653 ms) Completed: /home/ubuntu/Desktop/SIFT-REMnux-Poster.pdf (Took: 306.754 ms) Completed: /home/ubuntu/Desktop/Memory-Forensics-Poster.pdf (Took: 261.843 ms) Completed: /home/ubuntu/Desktop/Rekall-Cheatsheet.pdf (Took: 141.74 ms) Completed: /home/ubuntu/Desktop/DFIR-Smartphone-Forensics-Poster.pdf (Took: 516.341 ms) Completed: /home/ubuntu/Desktop/Windows-Forensics-Poster.pdf (Took: 664.512 ms) Completed: /home/ubuntu/Desktop/Find-Evil.pdf (Took: 263.219 ms) Completed: /home/ubuntu/Desktop/SIFT-Cheatsheet.pdf (Took: 102.97 ms) Completed: /home/ubuntu/Desktop/Linux-Shell-Survival-Guide.pdf (Took: 117.449 ms) Completed: /home/ubuntu/Desktop/Windows-to-Unix-Cheatsheet.pdf (Took: 308.912 ms) Completed: /home/ubuntu/Desktop/Volatility-Cheatsheet.pdf (Took: 137.556 ms) Completed: /home/ubuntu/Desktop/Hex-File-Regex-Cheatsheet.pdf (Took: 87.958 ms) Completed: /home/ubuntu/.rekallrc (Took: 3.228 ms) Completed: /home/ubuntu/Desktop (Took: 0.651 ms) Completed: /home/ubuntu/Desktop/mount_points (Took: 0.978 ms) Completed: /home/ubuntu/Desktop/cases (Took: 0.975 ms) Completed: /usr/share/sift/terminal-profiles.txt (Took: 2.891 ms) Completed: dconf load /org/gnome/terminal/ < /usr/share/sift/terminal-profiles.txt (Took: 347.599 ms) Completed: /usr/share/backgrounds (Took: 0.95 ms) Completed: /usr/share/backgrounds/warty-final-ubuntu.png (Took: 7.895 ms) Completed: /usr/share/unity-greeter (Took: 0.717 ms) Completed: /usr/share/unity-greeter/logo.png (Took: 2.84 ms) Completed: /home/ubuntu/.config/autostart/ (Took: 0.656 ms) Completed: /home/ubuntu/.config/autostart/gnome-terminal.desktop (Took: 2.747 ms) Completed: gsettings set com.canonical.Unity.Launcher launcher-position Bottom (Took: 346.692 ms) Running: gsettings set com.canonical.Unity.Lenses disabled-scopes "['more_suggestions-amazon.scope', 'more_suggestions-u1ms.scope', 'more_suggestions-populartracks.scope', 'music-musicstore.scope', 'moresuggestions-ebay.scope', 'more>> Completed: gsettings set com.canonical.Unity.Lenses disabled-scopes "['more_suggestions-amazon.scope', 'more_suggestions-u1ms.scope', 'more_suggestions-populartracks.scope', 'music-musicstore.scope', 'more_suggestions-ebay.scope', 'more_suggestions-ubuntushop.scope', 'more_suggestions-skimlinks.scope']" (Took: 349.671 ms) Running: gsettings set com.canonical.Unity.Launcher favorites "['application://gnome-terminal.desktop', 'application://firefox.desktop', 'application://org.gnome.Nautilus.desktop', 'application://unity-control-center.desktop', 'unity:/>> Completed: gsettings set com.canonical.Unity.Launcher favorites "['application://gnome-terminal.desktop', 'application://firefox.desktop', 'application://org.gnome.Nautilus.desktop', 'application://unity-control-center.desktop', 'unity://running-apps', 'unity://expo-icon', 'unity://devices']" (Took: 348.088 ms) Completed: dconf write /org/compiz/profiles/unity/plugins/unityshell/icon-size 32 (Took: 353.091 ms) Completed: dconf write /org/compiz/profiles/unity/plugins/unityshell/launcher-minimize-window true (Took: 347.518 ms) Completed: Etc/UTC (Took: 349.855 ms) Completed: /cases (Took: 2.122 ms) Completed: /mnt/usb (Took: 1.609 ms) Completed: /mnt/vss (Took: 0.971 ms) Completed: /mnt/shadow_mount (Took: 0.936 ms) Completed: /mnt/windows_mount (Took: 0.914 ms) Completed: /mnt/ewf_mount (Took: 0.908 ms) Completed: /mnt/e01 (Took: 0.901 ms) Completed: /mnt/aff (Took: 0.925 ms) Completed: /mnt/ewf (Took: 0.907 ms) Completed: /mnt/bde (Took: 0.898 ms) Completed: /mnt/iscsi (Took: 0.906 ms) Completed: /mnt/windows_mount1 (Took: 0.957 ms) Completed: /mnt/windows_mount2 (Took: 0.914 ms) Completed: /mnt/windows_mount3 (Took: 0.944 ms) Completed: /mnt/windows_mount4 (Took: 0.91 ms) Completed: /mnt/windows_mount5 (Took: 0.929 ms) Completed: /mnt/shadow_mount/vss1 (Took: 0.953 ms) Completed: /mnt/shadow_mount/vss2 (Took: 0.928 ms) Completed: /mnt/shadow_mount/vss3 (Took: 0.923 ms) Completed: /mnt/shadow_mount/vss4 (Took: 0.927 ms) Completed: /mnt/shadow_mount/vss5 (Took: 0.94 ms) Completed: /mnt/shadow_mount/vss6 (Took: 0.921 ms) Completed: /mnt/shadow_mount/vss7 (Took: 0.99 ms) Completed: /mnt/shadow_mount/vss8 (Took: 0.923 ms) Completed: /mnt/shadow_mount/vss9 (Took: 0.936 ms) Completed: /mnt/shadow_mount/vss10 (Took: 0.928 ms) Completed: /mnt/shadow_mount/vss11 (Took: 0.961 ms) Completed: /mnt/shadow_mount/vss12 (Took: 0.953 ms) Completed: /mnt/shadow_mount/vss13 (Took: 0.944 ms) Completed: /mnt/shadow_mount/vss14 (Took: 0.931 ms) Completed: /mnt/shadow_mount/vss15 (Took: 0.935 ms) Completed: /mnt/shadow_mount/vss16 (Took: 0.929 ms) Completed: /mnt/shadow_mount/vss17 (Took: 0.926 ms) Completed: /mnt/shadow_mount/vss18 (Took: 0.951 ms) Completed: /mnt/shadow_mount/vss19 (Took: 0.932 ms) Completed: /mnt/shadow_mount/vss20 (Took: 0.928 ms) Completed: /mnt/shadow_mount/vss21 (Took: 0.931 ms) Completed: /mnt/shadow_mount/vss22 (Took: 0.961 ms) Completed: /mnt/shadow_mount/vss23 (Took: 0.929 ms) Completed: /mnt/shadow_mount/vss24 (Took: 0.936 ms) Completed: /mnt/shadow_mount/vss25 (Took: 0.918 ms) Completed: /mnt/shadow_mount/vss26 (Took: 0.973 ms) Completed: /mnt/shadow_mount/vss27 (Took: 0.966 ms) Completed: /mnt/shadow_mount/vss28 (Took: 0.929 ms) Completed: /mnt/shadow_mount/vss29 (Took: 0.935 ms) Completed: /mnt/shadow_mount/vss30 (Took: 0.916 ms) Completed: salt-minion (Took: 3651.225 ms) Completed: /etc/samba/smb.conf (Took: 14.565 ms) Completed: smbd (Took: 953.703 ms) Completed: smbd (Took: 1859.655 ms) Completed: nmbd (Took: 937.928 ms) Completed: nmbd (Took: 1845.089 ms) Completed: /etc/foremost.conf (Took: 5.353 ms) Completed: /usr/local/etc/foremost.conf (Took: 2.768 ms) Completed: sift-config-tools (Took: 0.419 ms)

Incomplete due to Failures -- Success: 452, Failure: 90

List of Failures (first 10 only)

 NOTE: First failure is generally the root cause.

 IMPORTANT: If opening a ticket, please include this information.

  - ID: sift-docker-repo
    SLS: sift.repos.docker
    Run#: 2
    Comment: Failed to configure repo 'deb https://apt.dockerproject.org/repo ubuntu-xenial main': Error: key retrieval failed: Executing: /tmp/tmp.EDRDHIu5dk/gpg.1.sh --keyserver

hkp://p80.pool.sks-keyservers.net:80 --logger-fd 1 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net gpg: keyserver timed out gpg: keyserver receive failed: keyserver error

ekristen commented 5 years ago

Log file: /var/cache/sift/cli/v2019.06.0/saltstack.log <-- this is in the CLI output right towards the top.

Cl0nex commented 5 years ago

saltstack.log

ekristen commented 5 years ago

It looks like something about your network is preventing the gpg keys from being downloaded from the keyserver for the apt repositories. 

gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net
gpg: keyserver timed out
gpg: keyserver receive failed: keyserver error
Cl0nex commented 5 years ago

Just ran the two commands below and they worked

$ gpg --keyserver hkp://keyserver.ubuntu.com:11371 --recv-keys 2C52609D gpg: directory /home/ubuntu/.gnupg' created gpg: new configuration file/home/ubuntu/.gnupg/gpg.conf' created gpg: WARNING: options in /home/ubuntu/.gnupg/gpg.conf' are not yet active during this run gpg: keyring/home/ubuntu/.gnupg/secring.gpg' created gpg: keyring `/home/ubuntu/.gnupg/pubring.gpg' created gpg: requesting key 2C52609D from hkp server keyserver.ubuntu.com gpg: /home/ubuntu/.gnupg/trustdb.gpg: trustdb created gpg: key 2C52609D: public key "Docker Release Tool (releasedocker) docker@docker.com" imported gpg: no ultimately trusted keys found gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1)

$ gpg --keyserver hkp://keyserver.ubuntu.com:11371 --recv-keys 22598A94 gpg: requesting key 22598A94 from hkp server keyserver.ubuntu.com gpg: key 22598A94: public key "SANS Investigative Forensic Toolkit sift@computer-forensics.sans.org" imported gpg: Total number processed: 1 gpg: imported: 1

ekristen commented 5 years ago

The build system uses port :80 not :11371

Cl0nex commented 5 years ago

$ gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 2C52609D gpg: requesting key 2C52609D from hkp server keyserver.ubuntu.com gpg: key 2C52609D: "Docker Release Tool (releasedocker) docker@docker.com" not changed gpg: Total number processed: 1 gpg: unchanged: 1

$ gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 22598A94 gpg: requesting key 22598A94 from hkp server keyserver.ubuntu.com gpg: key 22598A94: "SANS Investigative Forensic Toolkit sift@computer-forensics.sans.org" not changed gpg: Total number processed: 1 gpg: unchanged: 1

$ sudo sift update

sift-cli@1.7.1-master.f1177e4 sift-version: notinstalled

SIFT not installed, unable to update Error: SIFT not installed, unable to update at Object. (/snapshot/Users/ekristen/Development/sift/sift-cli/sift-cli.js:676:13) at Generator.next () at Generator.tryCatcher (/snapshot/Users/ekristen/Development/sift/sift-cli/node_modules/bluebird/js/release/util.js:16:23) at PromiseSpawn.module.exports.PromiseSpawn._promiseFulfilled (/snapshot/Users/ekristen/Development/sift/sift-cli/node_modules/bluebird/js/release/generators.js:97:49) at Promise.module.exports.Promise._settlePromise (/snapshot/Users/ekristen/Development/sift/sift-cli/node_modules/bluebird/js/release/promise.js:574:26) at Promise.module.exports.Promise._settlePromise0 (/snapshot/Users/ekristen/Development/sift/sift-cli/node_modules/bluebird/js/release/promise.js:614:10) at Promise.module.exports.Promise._settlePromises (/snapshot/Users/ekristen/Development/sift/sift-cli/node_modules/bluebird/js/release/promise.js:693:18) at Async._drainQueue (/snapshot/Users/ekristen/Development/sift/sift-cli/node_modules/bluebird/js/release/async.js:133:16) at Async._drainQueues (/snapshot/Users/ekristen/Development/sift/sift-cli/node_modules/bluebird/js/release/async.js:143:10) at Immediate.__dirname.Async.drainQueues (/snapshot/Users/ekristen/Development/sift/sift-cli/node_modules/bluebird/js/release/async.js:17:14) at runCallback (timers.js:672:20) at tryOnImmediate (timers.js:645:5) at processImmediate [as _immediateCallback] (timers.js:617:5)

ekristen commented 5 years ago

Run install. Until you get a 100 percent install you can’t upgrade

Cl0nex commented 5 years ago

Incomplete due to Failures -- Success: 527, Failure: 15

List of Failures (first 10 only)

 NOTE: First failure is generally the root cause.

 IMPORTANT: If opening a ticket, please include this information.

  - ID: sift-docker-repo
    SLS: sift.repos.docker
    Run#: 2
    Comment: Failed to configure repo 'deb https://apt.dockerproject.org/repo ubuntu-xenial main': Error: key retrieval failed: Executing: /tmp/tmp.MXcrQrlNjW/gpg.1.sh --keyserver

hkp://p80.pool.sks-keyservers.net:80 --logger-fd 1 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net gpg: keyserver timed out gpg: keyserver receive failed: keyserver error

ekristen commented 5 years ago

Again the default for the build system is to use port 80, not port 11371, the root problem is your network or your system is unable to talk to keyserver.ubuntu.com on port 80.

Cl0nex commented 5 years ago

$ curl -s p80.pool.sks-keyservers.net:80 >/dev/null && echo Success. || echo Fail. Success.

$ curl -s keyserver.ubuntu.com:80 >/dev/null && echo Success. || echo Fail. Success.

gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net gpg: keyserver timed out gpg: keyserver receive failed: keyserver error

Also, it apprears the key is already in the key ringm isn't it?

$ gpg --list-keys /home/ubuntu/.gnupg/pubring.gpg ------------------------------- pub 4096R/2C52609D 2015-07-14 uid Docker Release Tool (releasedocker) docker@docker.com

pub 1024D/22598A94 2013-12-07 uid SANS Investigative Forensic Toolkit sift@computer-forensics.sans.org sub 4096g/EAE26425 2013-12-07

ekristen commented 5 years ago

Unfortunately in your case the build system needs to verify so even though they exist it failed.

You can skip using the cli and go download the salt states from the sift-saltstack repo directly and run salt manually, this would allow you to also to edit all the repo key parameters but I don’t have the time currently to provide step by step instructions.

Sent from my iPhone

On Mar 5, 2019, at 00:44, Cl0nex notifications@github.com wrote:

$ curl -s p80.pool.sks-keyservers.net:80 >/dev/null && echo Success. || echo Fail. Success.

$ curl -s keyserver.ubuntu.com:80 >/dev/null && echo Success. || echo Fail. Success.

gpg: requesting key 2C52609D from hkp server p80.pool.sks-keyservers.net gpg: keyserver timed out gpg: keyserver receive failed: keyserver error

Also, it apprears the key is already in the key ringm isn't it?

$ gpg --list-keys /home/ubuntu/.gnupg/pubring.gpg

pub 4096R/2C52609D 2015-07-14 uid Docker Release Tool (releasedocker) docker@docker.com

pub 1024D/22598A94 2013-12-07 uid SANS Investigative Forensic Toolkit sift@computer-forensics.sans.org sub 4096g/EAE26425 2013-12-07

— You are receiving this because you were assigned. Reply to this email directly, view it on GitHub, or mute the thread.

stale[bot] commented 5 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.