guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Losing signing keys for custom Guix channel

From: Markku Korkeala
Subject: Re: Losing signing keys for custom Guix channel
Date: Mon, 25 Mar 2024 09:49:46 +0200 
On Mon, Mar 25, 2024 at 02:41:26PM +0900, elaexuotee@wilsonb.com wrote:
> Hey devs,
> 
> So I lost the PGP key that I was using to sign commits on a private Guix
> channel of mine. Is there a way to introduce a hard break in my channel
> authentication?
> 
> Despite updating authorization settings, pulls complain that my latest commit
> isn't signed by an authorized key.
> 
> Here are the changes I've made:
> - New public key added to keyring branch
> - Appended new key fingerprint to .guix-authorizations (at commit X)
> - Update introduction in .config/guix/channels.scm
>   - Point to commit X
>   - Update openpgp-fingerprint
> 
> As a sanity check, I've confirmed that the fingerprint on commit X, the
> fingerprint in .guix-authorizations, and the openpgp-fingerprint in my
> channels.scm are all the same.
> 
> What am I missing?

Hi all,

from reading about guix authentication I think the new signing key
must be first added to the .guix-authoriations file and that commit
must signed with the current signing keys before the new signing
key can be used.

Best wishes,
Markku
reply via email to
[Prev in Thread] Current Thread [Next in Thread]