View Issue Details

IDProjectCategoryView StatusLast Update
0007422Kali LinuxGeneral Bugpublic2022-08-15 10:41
Reporterelrey Assigned To 
PrioritynormalSeverityminorReproducibilitysometimes
Status closedResolutionopen 
Product Version2021.3 
Summary0007422: Sometimes GPG signature from main kali CDN isn't properly signed
Description

Periodically when using the gpg signature from the main kali CDN (https://kali.download) it will fail the gpg check when verifying the signature.

Steps To Reproduce

curl -fsSL https://archive.kali.org/archive-key.asc | gpg --import

gpg --verify <( curl -fsSL https://cdimage.kali.org/current/SHA256SUMS.gpg ) <( curl -fsSL https://cdimage.kali.org/current/SHA256SUMS )

Additional Information

So, I build kali on a weekly basis, and before this weekend I didn't have any issues with the GPG signature on the main CDN (https://kali.download). For 3 consecutive times now though, I have had my builds fail because of: "gpg: BAD signature from "Kali Linux Repository <[email protected]>" [unknown]"

( NOTE: most of these links that I will post require you to login to CircleCI to get more detailed information )

If you go to my CircleCI pipeline for my project: https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux you can see I had it fail for 4 times in a row ( all my trying to see if re-running the failed steps would work ).

Every time the pipeline failed it was the signature failing (you can see references to that below) :
https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/514/workflows/a077f696-1726-4108-9db2-3b63c08504ab/jobs/5574#step-104-85
( same file no CircleCI account required ( at the very bottom of the page )) https://circleci.com/api/v1.1/project/github/elreydetoda/packer-kali_linux/5574/output/104/0?file=true&amp;allocation-id=617438f405f1ce6e408aec88-0-build%2F3B8433D

Started to do some local testing, and noticed that it wasn't consistent but just periodic. In this GitHub (GH) issue I have a recording of my terminal where it fails sometimes and it is using the main CDN: https://github.com/elreydetoda/packer-kali_linux/issues/125

When I swapped the CDN to use the Berkly CDN for the signature everything worked perfectly though... GH commit: https://github.com/elreydetoda/packer-kali_linux/commit/4744402085e614aca48b707cc411c62c47300615 ( this will grab both the sha256sums file & the sha256sums.gpg file ) & corresponding successful CI run (for the generate-packer-vars steps): https://app.circleci.com/pipelines/github/elreydetoda/packer-kali_linux/515/workflows/3dc61b4d-c292-4937-8a3a-a5d12fb7051c

Attached Files
Screenshot_20211023_125626.png (26,976 bytes)   
Screenshot_20211023_125626.png (26,976 bytes)   

Activities

elrey

elrey

2021-10-23 17:04

reporter   ~0015346

here is a screenshot of me
1) running what the "step to repeat" section resolves to (kali.download)
2) running the commands I mentioned in the "step to repeat" section
3) running the commands I mentioned in the "step to repeat" section, but changing it to the berkley CDN instead of main and the signature succeeding

elrey

elrey

2021-10-23 17:04

reporter   ~0015347

didn't upload the pic...sorry...

elrey

elrey

2021-10-23 17:07

reporter   ~0015348

ok..., posting on imgur since it doesn't seem to be uploading properly... https://imgur.com/a/uA8mN71

elrey

elrey

2021-10-25 03:46

reporter   ~0015355

also forgot to mention if you don't have Kali's key imported with gpg you can do this: curl -fsSL 'https://archive.kali.org/archive-key.asc' | gpg --import

elrey

elrey

2021-11-06 15:46

reporter   ~0015416

Looks like things have been fixed (don't know if anything was done or if the CDN was just acting wonky...).

Have a good weekend ��

elrey

elrey

2021-11-06 15:48

reporter   ~0015417

sorry, forgot to add a link for why I think it is: https://github.com/elreydetoda/packer-kali_linux/issues/125#issuecomment-962469642

also, I guess no emoji so emoticon/text :wave: :D

g0tmi1k

g0tmi1k

2022-08-15 10:41

administrator   ~0016549

This report has been filed against an old version of Kali. We will be closing this ticket due to inactivity.

Please could you see if you are able to replicate this issue with the latest version of Kali Linux (https://www.kali.org/get-kali/)?

If you are still facing the same problem, feel free to re-open the ticket. If you choose to do this, could you provide more information to the issue you are facing, and also give information about your setup?
For more information, please read: https://www.kali.org/docs/community/submitting-issues-kali-bug-tracker/

Issue History

Date Modified Username Field Change
2021-10-23 16:53 elrey New Issue
2021-10-23 16:57 elrey File Added: Screenshot_20211023_125626.png
2021-10-23 17:04 elrey Note Added: 0015346
2021-10-23 17:04 elrey Note Added: 0015347
2021-10-23 17:07 elrey Note Added: 0015348
2021-10-25 03:46 elrey Note Added: 0015355
2021-10-28 09:57 g0tmi1k Priority high => normal
2021-10-28 09:58 g0tmi1k Severity major => minor
2021-11-06 15:46 elrey Note Added: 0015416
2021-11-06 15:48 elrey Note Added: 0015417
2022-08-15 10:41 g0tmi1k Note Added: 0016549
2022-08-15 10:41 g0tmi1k Status new => closed