CLI 2.0 fails to verify on Raspberry Pi
Since the Apt install is failing for me I'm trying a manual install instead, but verification is failing for me:
➜ gpg --receive-keys 3FEF9748469ADBE15DA7CA80AC2D62742012EA22 gpg: key AC2D62742012EA22: new key but contains no user ID - skipped gpg: Total number processed: 1 gpg: w/o user IDs: 1 ➜ gpg --verify op.sig op gpg: Signature made Thu 10 Mar 2022 11:19:58 PM CET gpg: using RSA key 3FEF9748469ADBE15DA7CA80AC2D62742012EA22 gpg: Can't check signature: No public key
1Password Version: CLI 2.0.0
Extension Version: n/a
OS Version: Raspberry Pi OS (bullseye, 32 bits)
Comments
-
Hey @XIII
Looks like this is because the key import step was skipped due to the user ID being stripped by the default keyserver (keys.openpgp.org).
This is tricky because different platforms have different default keyservers..
I tried it on my Debian OS Docker and encountered the same issue so we appreciate you bringing it up!
I got the signature step to work by specifying a different keyserver during the retrieve keys step:
gpg --keyserver hkps://keyserver.ubuntu.com --receive-keys 3FEF9748469ADBE15DA7CA80AC2D62742012EA22Hope this helps.
0 -
I get this when I do that:
➜ gpg --verify op.sig op gpg: Signature made Thu 10 Mar 2022 11:19:58 PM CET gpg: using RSA key 3FEF9748469ADBE15DA7CA80AC2D62742012EA22 gpg: Good signature from "Code signing for 1Password <codesign@1password.com>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 3FEF 9748 469A DBE1 5DA7 CA80 AC2D 6274 2012 EA22
Is that the expected result?
0 -
Yep, that is the message from the success case!
0 -
Too bad it's giving a warning. Maybe you should explain this in the documentation?
0 -
I will make an issue to update the docs, thank you @XIII !
0
