FU: RE: 6.6/packages/i386/SHA256.sig to be verified with 'openbsd-65-pkg.pub'?
Evening, mewrote: > theo wrote: >> >> These files have now been replaced. Does it look right? > > Me's afraid not: SHA256.sig is now rather short, ending at the hash of > aqsis-1.8.2p10.tgz (tried to fetch it from both ftp.eu and the CDN: same > result). ...which now appears to have been fixed. Thanks! --zeurkous. -- Friggin' Machines!
RE: 6.6/packages/i386/SHA256.sig to be verified with 'openbsd-65-pkg.pub'?
Morning, theo wrote: > wrote: > >> That doesn't seem right. Did you folks use the wrong key when signing >> the file, or is there a particular reason to do it this way that me's >> not aware of...? > > These files have now been replaced. Does it look right? Me's afraid not: SHA256.sig is now rather short, ending at the hash of aqsis-1.8.2p10.tgz (tried to fetch it from both ftp.eu and the CDN: same result). It's a bad week over here, too *sigh*. --zeur. -- Friggin' Machines!
Re: 6.6/packages/i386/SHA256.sig to be verified with 'openbsd-65-pkg.pub'?
On 10 Nov 2019, Stuart Henderson wrote: > On 2019-11-10, wrote: > > That doesn't seem right. Did you folks use the wrong key when signing > > the file, or is there a particular reason to do it this way that me's > > not aware of...? > > Thanks for the report, yes i386 (and mips64) had the wrong key. I guess > not many people are doing fresh installs on these. > > Re-signed packages should be available sometime soon, but there are no > changes to the package contents, there's no need to reinstall if you > already have them. > > > I did a fresh install on a Thinkpad i386 a couple of weeks ago and was very grateful to have it, so I hope it doesn't disappear any time soon. -- Anthony Campbellhttp://www.acampbell.uk
Re: 6.6/packages/i386/SHA256.sig to be verified with 'openbsd-65-pkg.pub'?
wrote: > That doesn't seem right. Did you folks use the wrong key when signing > the file, or is there a particular reason to do it this way that me's > not aware of...? These files have now been replaced. Does it look right?
Re: 6.6/packages/i386/SHA256.sig to be verified with 'openbsd-65-pkg.pub'?
On 2019-11-10, wrote: > That doesn't seem right. Did you folks use the wrong key when signing > the file, or is there a particular reason to do it this way that me's > not aware of...? Thanks for the report, yes i386 (and mips64) had the wrong key. I guess not many people are doing fresh installs on these. Re-signed packages should be available sometime soon, but there are no changes to the package contents, there's no need to reinstall if you already have them.
6.6/packages/i386/SHA256.sig to be verified with 'openbsd-65-pkg.pub'?
That doesn't seem right. Did you folks use the wrong key when signing the file, or is there a particular reason to do it this way that me's not aware of...? --zeur. -- Friggin' Machines!