On Fri, Jun 24 2016, Asheesh Laroia <ashe...@asheesh.org> wrote: > Package: monkeysphere > Version: 0.37-2 > > I am trying to learn how to use monkeysphere. I figured one good first-step > would be to get the SSH key corresponding to Clint Adams <cl...@debian.org>. > > So I ran: > > $ monkeysphere u "Clint Adams <sch...@debian.org>" > > in an attempt to get a "ssh-rsa..." line out, which would demonstrate to me > that monkeysphere generally works. > > Instead, I got this output: > > paulproteus@slittingmill:~$ monkeysphere u "Clint Adams <sch...@debian.org>" > ms: Failure (2) receiving keyids (0x2100A32C46F895AF3A08783AF6D3495BB0AE9A02 > ms: 0x2806F67A363A1F9C3EBFD274C3A844D76AE3B737 > ms: 0x995314085A0EC967941DCE9DE66D2EEBAB963370 > ms: 0x5DB29C847F07FD4F60A8728070AEBD21B13DEAF7 > ms: 0xA3B4A1C6DBED847F > ms: 0xF88942139018FAD6EB7EC4735EDBAE5BB98FC0C8 > ms: 0x91A285AE301B7D6B > ms: 0x1927D3053E30A739) from keyserver pool.sks-keyservers.net
I think this is the issue:
servo:~ 0$ gpg --recv-key 0x91A285AE301B7D6B
gpg: requesting key 0x91A285AE301B7D6B from hkpms server keys.mayfirst.org
gpg: Note: signatures using the MD5 algorithm are rejected
gpg: key 0x91A285AE301B7D6B: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number processed: 1
gpg: w/o user IDs: 1
servo:~ 2$
Note the return code is the same as what monkeysphere is reporting. So
gpg is failing inside of monkeysphere because it refuses to import that
key.
I'm not sure what should be done about that. Presumably monkeysphere
should just reject this key, and continue with the other ones it finds.
Not sure what should be reported to the user in this case, though. In
any case I don't think monkeysphere should fail in this case, and it
should continue with processing of the keys that it can import.
On a side note, I don't think this key should be included in the first
place, and may indicate an issue with gpg itself. If I do a search for
the exact user id, which is what should happen when I search for
"=$userid", why is gpg returns keys that do not include an exact match
to that user id?
servo:~ 2$ gpg --search ='Clint Adams <sch...@debian.org>'
gpg: searching for "=Clint Adams <sch...@debian.org>" from hkpms server
keys.mayfirst.org
(1) Clint Adams <cl...@gnu.org>
Clint Adams <cl...@mit.edu>
Clint Adams <cl...@zsh.org>
Clint Adams <cl...@gcfm.net>
Clint Adams <cl...@scru.org>
Clint Adams <cl...@debian.org>
Clint Adams <cl...@scowler.net>
Clint Adams <cl...@spi-inc.org>
Clint Adams (GNU) <cl...@gnu.org>
Clint Adams (Debian) <sch...@debian.org>
4096 bit RSA key 0xF6D3495BB0AE9A02, created: 2009-05-08
(2) Clint Adams (Debian) <sch...@debian.org>
2048 bit RSA key 0xC3A844D76AE3B737, created: 2009-05-07 (revoked)
(3) Clint Adams (Debian) <sch...@debian.org>
1024 bit DSA key 0xE66D2EEBAB963370, created: 1999-09-16
(4) Clint Adams (DSA) <sch...@debian.org>
1024 bit DSA key 0x70AEBD21B13DEAF7, created: 1998-05-18
(5) Clint Adams (ElG) <sch...@debian.org>
2048 bit ELG key 0xA3B4A1C6DBED847F, created: 1998-05-18
(6) Clint Adams <cl...@idt.net>
Clint Adams <sch...@debian.org>
Clint Adams <cl...@scowler.ml.org>
1024 bit DSA key 0x5EDBAE5BB98FC0C8, created: 1998-03-26
Keys 1-6 of 8 for "=Clint Adams <sch...@debian.org>". Enter number(s), N)ext,
or Q)uit >
Keys (2), (3), (4), and (5) all do not match the user id I searched for.
gpg seems to be ignoring the comment field, and matching on all other
fields, which it seems to me it obviously shouldn't be doing. I guess
this should be a separate bug reported against gpg.
jamie.
signature.asc
Description: PGP signature
