Repository unsigned warning



  • Hi, I'm using the Vivaldi repository on my openSUSE 13.1: http://repo.vivaldi.com/archive/rpm/x86_64 Each time I run "zypper ref", it asks me to confirm: File 'repomd.xml' from repository 'vivaldi' is unsigned, continue? [yes/no] Could you please sign it so the question goes away? Thanks



  • Still doesn't appear to be signed.

    With Opensuse 13.2 I get the following error message when trying to install vivaldi-snapshot:

    Error: INVALID:vivaldi-snapshot-1.0.252.3-1.x86_64(Vivaldi): Signature verification failed [4-Signatures public key is not available]
    Header V4 RSA/SHA1 Signature, key ID bf1700f8: NOKEY
    Header SHA1 digest: OK (101a881f125615b7a1d02b455af35c8e4df131cd)
    V4 RSA/SHA1 Signature, key ID bf1700f8: NOKEY
    MD5 digest: OK (bc049ecaa019e5e0e3529b7ab8cb3789)

    Clicking Skip will install it though.



  • It says it is signed, but it doesn't have a key to compare it to (so it can't say who signed it).


  • Vivaldi Team

    This should now work with the beta build that came out today


  • Vivaldi Team

    This should now work with the beta build that came out today



  • Last week i did a clean install of the then latest SS Deb x64 into a virgin Linux Mint 18 Mate VM, & it notified me of the package being unsigned. I proceeded, as it's only a VM, but i wasn't happy. Just now i was about to initiate a clean install of the 1.3.534.3 SS RPM x64 into a virgin Linux Fedora 24 KDE VM, & it also notified me of the package being unsigned.

    It's too long ago since i first installed V onto my real OS [Mint 17.0 KDE (back then)], so i cannot recall if it also warned me back then [every subsequent update occurs via Mint's Update Manager], but in a month or two when Mint 18 KDE is released i'll be doing a clean OS install, hence thereafter when i reinstall all my pgms i really will critically care if the Deb SS package is unsigned.

    Please, can this apparently ongoing trouble be remedied?

    …....................................................................................
    My on-SSD OS = Linux Mint x64 17.3 KDE 4.14.2.

    Fedora's warning:

    [attachment=4061]VunsignedRPM_20160712_14:08:50.png[/attachment]
    Attachments:



  • Sigh.

    [attachment=4062]VRPMfailed_20160712_14:22:58.png[/attachment]
    Attachments:



  • With just a simple apt-get update / upgrade I got Vivaldi 1.3.534.3 (Developer Build) dev (64-bit) on my Devuan Jessie without any hiccups. It's astonishing that derivatives of Debian (Mint, Devuan) are acting so differently. On my Manjaro (Arch based) I was always warned not to install potentially dangerous software but I simply ignored this warning regarding to Vivaldi. Since the last two or three snapshots also on that system the updates are coming in without any problems together with all the other software updates.



  • ruario, would you pls re-enter this discussion?



  • I'll ping him.



  • Trying to update to Snapshot 1.3.537.5 on Linux Mint 17.3 but get the following warnings:

    W: Failed to fetch http://repo.vivaldi.com/snapshot/deb/dists/stable/main/binary-i386/Packages Hash Sum mismatch

    W: Failed to fetch http://repo.vivaldi.com/snapshot/deb/dists/stable/main/i18n/Translation-en_GB Bad header line

    W: Failed to fetch http://repo.vivaldi.com/snapshot/deb/dists/stable/main/i18n/Translation-en Bad header line



  • Ruario or Christian – advice pls?



  • Hmmm, ongoing deafening silence.


  • Moderator

    Maybe some of the users will offer something.

    I don't recall that issue having come up before, but there are some linux mavens on the forum…



  • Hopefully you've solved it by now, but for anyone who finds this via Google the following worked for me:

    wget http://repo.vivaldi.com/snapshot/linux_signing_key.pub
    rpm --import linux_signing_key.pub
    

Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.