I have been trying to create a percona role in ansible and failing at it. I won't really say failing but it doesn't work as planned. Below is a snippet of the role
- name: Setting up percona server apt-key
apt_key:
id=1C4CBDCDCD2EFD2A
keyserver=keys.gnupg.net
state=present
Upon running this I ended up with the following error:
failed: [192.168.56.107] => {"cmd": "apt-key adv --keyserver keys.gnupg.net --recv 1C4CBDCDCD2EFD2A", "failed": true, "rc": 2}
stderr: gpg: requesting key CD2EFD2A from hkp server keys.gnupg.net
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
As you can see ansible executes the following command: apt-key adv --keyserver keys.gnupg.net --recv 1C4CBDCDCD2EFD2A, meanwhile the command that actually works, tested and recommended from percona repository page
is apt-key adv --keyserver keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A. There is a difference in the commands the former is just --recv and the latter is --recv-keys. I have no idea how to make ansible run this commands either can using the ansible command module itself.
There is also this url found on percona download page to the repo key which can be used in the apt_key module instead of keyserver.
What I am interested in knowing is whether it's possible to make ansible run the actual apt_key commands with --recv-keys
The following command should work for you:
- apt_key: url=http://www.percona.com/redir/downloads/RPM-GPG-KEY-percona
state=present
The source code for the apt_key module shows it building a command line using --recv but no mention of --recv-keys, so it doesn't look like you can use this module the way you want. I would suggest filing a feature request with the Ansible team to ask that they support this flag.
In the meantime you should be able to call apt-key manually via the command module. The command would be virtually identical to what the debug output showed:
- name: call apt_key manually
command: apt-key adv --keyserver keys.gnupg.net --recv-keys 1C4CBDCDCD2EFD2A
Related
I started using GNU Privacy Guard. An error occurs when trying to import a key from any server:
gpg --keyserver keys.gnupg.net --recv-key 908F435E
Output:
gpg: keyserver receive failed: No name
I stumbled upon this today and found the fix at Maven Central Repository Documentation. The SKS Keyserver Network is being deprecated and probably gone by now. Just use another GPG key server like:
keyserver.ubuntu.com
keys.openpgp.org
pgp.mit.edu
So for example
gpg --keyserver keyserver.ubuntu.com --recv-key 908F435E
Try these command one by one. It works for me.
curl -sSL https://rvm.io/mpapis.asc | gpg2 --import
curl -sSL https://rvm.io/pkuczynski.asc | gpg2 --import
As an alternative to the options above, from the RVM security documentation,
If you encounter problem with the key server above, try a different one. Some alternatives are presented below:
hkp://ipv4.pool.sks-keyservers.net
hkp://pgp.mit.edu
hkp://keyserver.pgp.com
The second one worked for me, hkp://pgp.mit.edu
Replace $key with the corresponding $key you want to add.
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys $key
This works on Ubuntu 20.04 (Focal Fossa).
Please use these commands one by one:
curl -sSL https://rvm.io/mpapis.asc | gpg --import -
curl -sSL https://rvm.io/pkuczynski.asc | gpg --import -
Or you can refer to the rvm.io.
keys.gnupg.net is just an alias to pool.sks-keyservers.net. You can point directly to this second address and it will work.
I am working on an implementation of LoRa architecture on RaspberryPi. So in the process, it is needed to install this software package by Chirpstack called Gateway Bridge that converts LoRa packet forwarder format to JSON/Protobuf format that will be understood by my application. But the thing is while installing Gateway Bridge as mentioned in their official website link I am getting this error:
root#raspberrypi:/home/pi/mqtt_demo_3# sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 1CE2AFD36DBCCA00
Executing: /tmp/apt-key-gpghome.HwLDfOHwHV/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 1CE2AFD36DBCCA00
gpg: keyserver receive failed: Connection timed out
On exploring on web I found that the setup key provided by them is not working.
Can we eliminate this error and how?
This is solved by keeping using command:
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 1CE2AFD36DBCCA00
instead of the command mentioned in the download page.
I'm trying to install MikTex on Ubuntu 18.04 following the instructions in the website.
The first command,
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys D6BC243565B2087BC3F897C9277A7293F59E4889
gives the error
gpg: keyserver receive failed: Invalid argument
What could be the problem?
I don't know the root cause, but following the instructions here I was able to get the keys.
These download and install the gpg key:
wget -q \
"https://keyserver.ubuntu.com/pks/lookup?op=get&search=0xD6BC243565B2087BC3F897C9277A7293F59E4889" \
-O- | gpg --dearmor \
> miktex-D6BC243565B2087BC3F897C9277A7293F59E4889.gpg
sudo mv miktex-D6BC243565B2087BC3F897C9277A7293F59E4889.gpg \
/etc/apt/trusted.gpg.d/
You should then be able to continue with the next steps (sudo apt update and so on).
I'm trying to install Ruby on Ubuntu 16.04. However when I enter to following command to terminal:
$ \curl -sSL https://get.rvm.io | bash -s stable --ruby
I get the following:
Downloading https://github.com/rvm/rvm/archive/1.29.1.tar.gz
Downloading https://github.com/rvm/rvm/releases/download/1.29.1/1.29.1.tar.gz.asc
gpg: Signature made 19 فبر, 2017 EET 10:02:47 م using RSA key ID ********
gpg: Can't check signature: No public key
Warning, RVM 1.26.0 introduces signed releases and automated check of signatures when GPG software found. Assuming you trust Michal Papis import the mpapis public key (downloading the signatures).
GPG signature verification failed for '/home/tamer/.rvm/archives/rvm-1.29.1.tgz' - 'https://github.com/rvm/rvm/releases/download/1.29.1/1.29.1.tar.gz.asc'! Try to install GPG v2 and then fetch the public key:
gpg2 --keyserver hkp://keys.gnupg.net --recv-keys ****************************************
or if it fails:
command curl -sSL https://rvm.io/mpapis.asc | gpg2 --import -
the key can be compared with:
https://rvm.io/mpapis.asc
https://keybase.io/mpapis
NOTE: GPG version 2.1.17 have a bug which cause failures during fetching keys from remote server. Please downgrade or upgrade to newer version (if available) or use the second method described above.
When I tried any rvm command I got 'command not found'.
I tried requesting https://rvm.io/mpapis.asc through the browser. Then running the following:
$ gpg --import mpapis.asc
but I got the following:
gpg: fatal: can't open `/home/tamer/.gnupg/trustdb.gpg': Permission denied
secmem usage: 1408/1408 bytes in 2/2 blocks of pool 1408/65536
I'm not used to do something that I don't understand, so I stopped their and didn't try sudo.
So how can I install Ruby?
Update
I also tried installing gpg2 using:
$ sudo apt-get install gnupg2 -y
and then I tried
$ gpg2 --keyserver hkp://keys.gnupg.net --recv-keys <key>
and also
$ curl -sSL https://rvm.io/mpapis.asc | gpg2 --import -
But still, the same result when I try install rvm with the first command.
n.b. I noticed that I have gpg v1.4.20 and gpg2 v2.1.11
After trying many ways. I did succeed to install rails as follows:
$ \curl -sSL https://get.rvm.io | bash
$ source /home/<user>/.rvm/scripts/rvm
$ rvm -v
$ rvm install ruby
$ ruby -v
$ sudo apt-get install rubygems
$ gem update
$ sudo apt-get install ruby-dev zlib1g-dev liblzma-dev build-essential patch
$ rvm gemset list
$ gem install rails
$ rails -v
Where "user" is my username
I am just posting an update solution for it as I faced the same issue in Ubuntu 18.04 while trying to fetch keys for RVM.
The following method is provided by RVM.
gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
If it doesn't work out and you try to install rvm directly, the process will fail and provides three suggestions to receive keys. One of which have a step to receive the keys with gpg2.
Install gpg2 in your system before that.
sudo apt install gnupg2
The command is
gpg2 --recv-keys 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
But this command too will not work.
So here's an alternative. Just replace the gpg from the older command to gpg2 which worked for me.
gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
In addition to the previous answers, if you are behind a firewall, the following command might not work for you.
gpg2 --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
In that case, you can use the following command to get the keys -
sudo apt-key adv --keyserver hkp://keys.gnupg.net:80 --recv-keys <<key>> <<key>>
I had the same issue but on Debian and I took an alternate approach. In the error message, it says this: "Try to install GPG v2 and then fetch the public key:" with a gpg2 command after it. I went and installed gpg2 first and ran the command it told me to and it worked for me.
sudo apt-get install gnupg2
sudo apt-get install dirmngr
gpg2 --recv-keys <key>
# <Run curl command to install rvm>
I had issues in receiving the server keys and switched the key server to an alternative list mentioned in https://rvm.io/rvm/security
hkp://ipv4.pool.sks-keyservers.net
hkp://pgp.mit.edu
hkp://keyserver.pgp.com
This appear a port issue, Try this:
gpg --keyserver hkp://keys.gnupg.net:80 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
Is work for me.
sudo apt-key adv --keyserver hkp://keys.gnupg.net:80 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
I have a new mac pro (OS X 10.9.5) that I get to set up from scratch. I want to install RVM and the first thing it says to do is:
Install mpapis public key (might need gpg2 and or sudo)
gpg --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3
When I tried I got:
gpg --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3
zsh: command not found: gpg
I've tried to find a good guide on how to overcome this that also looks trustworthy but I've had no luck.
Can someone explain what gpg is, why I dont already have it, and how do I get it the right way.
GnuPG (with binary name gpg) is an application used for public key encryption using the OpenPGP protocol, but also verification of signatures (cryptographic signatures, that also can validate the publisher if used correctly). To some extend, you could say it's for OpenPGP what OpenSSL is for X.509 and TLS.
Unlike most Linux distributions (which make heavy use of GnuPG for ensuring untampered software within their package repositories), Mac OS X does not bring GnuPG with the operating system, so you have to install it on your own.
Possible sources are:
Package manager Homebrew: brew install gnupg gnupg2
Package manager MacPorts: sudo port install gnupg gnupg2
Install from GPGTools, which also brings GUI applications and integration in Apple Mail
As the instruction said "might need gpg2"
In mac, you can try install it with homebrew
$ brew install gpg2
On Mac OSX 10.15,
Even after installing gpg, i was getting gpg2 command not found
$ brew install gnupg gnupg2
Warning: gnupg 2.2.23 is already installed and up-to-date
To reinstall 2.2.23, run `brew reinstall gnupg`
$ gpg2 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
-bash: gpg2: command not found
Instead, this worked for me
$ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
Here are the steps to install RVM.
Step 1: Install gpg or gpg2 (both work)
brew install gpg
Step 2: Install GPG keys used to verify installation package:
gpg --keyserver hkp://pgp.mit.edu --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
If you encounter problem with the key server above, try a different one.
hkp://ipv4.pool.sks-keyservers.net
hkp://pgp.mit.edu
hkp://keyserver.pgp.com
Step 3: Install RVM
\curl -sSL https://get.rvm.io | bash -s stable
Check out the Security page if you still run into problems.
This worked for me
$brew install gnupg
After installing gpg using:
brew install gnupg2
This solution helped me get the keys to install rvm:
curl -sSL https://rvm.io/mpapis.asc | gpg --import -
curl -sSL https://rvm.io/pkuczynski.asc | gpg --import -
On my clean macOS 10.15.7, I needed to brew link gnupg && brew unlink gnupg first and then used Ashish's answer to use gpg instead of gpg2. I also had to chown a few directories. before the un/link.
I was facing the same issue when I was trying to install RVM on a UNIX Apple M1.
I can solved my issue with this command:
gpg --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
Instead of use gpg2:
gpg2 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
After run the command I had this output:
gpg: key 195BD3E759199BDB: 1 duplicate signature removed
gpg: /Users/User/.gnupg/trustdb.gpg: trustdb created
gpg: key 105BD0E739499BDB: public key "Piotr Kuczynski <piotr.kuczynski#gmail.com>" imported
gpg: key 3804BB82D39DC0E3: public key "Michal Papis (RVM signing) <mpapis#gmail.com>" imported
gpg: Total number processed: 2
gpg: imported: 2
Note:
Don't forget to restart your command console.
You can also use:
$ sudo gem install rvm
It should give you the following output:
Fetching: rvm-1.11.3.9.gem (100%)
Successfully installed rvm-1.11.3.9
Parsing documentation for rvm-1.11.3.9
Installing ri documentation for rvm-1.11.3.9
1 gem installed