You should check the command itself and the code because it’s returning FreePBX fingerprints in a different format (that GPG still recognizes but FreePBX doesn’t)
I looked at that ticket and as suspected it’s something with ubuntu/debian.
Here’s the command that’s being run for him:
/usr/bin/gpg --homedir /var/lib/asterisk/.gnupg --no-permission-warning --keyserver-options auto-key-retrieve=true,timeout=10 --no-tty --status-fd 3 --keyserver pool.sks-keyservers.net --refresh-keys 593E5D6A7107C285E698CB563C355822CCEBF9CB C5C26167A09555DB29DA4ECF06C57CED5C2FE148 EB312FC936875A7BC236DE6A36992456A6869B39
It’s returning with this
[asterisk@freepbx BMO]$ gpg --keyserver hkps://keys.openpgp.org --refresh-keys --refresh-keys 593E5D6A7107C285E698CB563C355822CCEBF9CB C5C26167A09555DB29DA4ECF06C57CED5C2FE148 EB312FC936875A7BC236DE6A36992456A6869B39
gpg: refreshing 3 keys from hkps://keys.openpgp.org
gpg: requesting key 69D2EAD9 from hkps server keys.openpgp.org
gpg: requesting key B33B4659 from hkps server keys.openpgp.org
gpg: requesting key FE6D84F7 from hkps server keys.openpgp.org
gpg: key 69D2EAD9: no user ID
gpg: key B33B4659: no user ID
gpg: key FE6D84F7: no user ID
gpg: Total number processed: 3
The keys in the returned response are the freepbx keys. However they are in a different format than how they show up on CentOS. In fact it looks like Debian/Ubuntu return additional fingerprints for each single key (so each key has two fingerprints) This means on ubuntu systems the keys are being returned in a different format and thus aren’t able to be removed from the array. Thus they are passed back to the key server to be checked when they shouldn’t be.
It’d be an exercise for someone to figure out why fpr::::::::: gives the right fingerprint back on CentOS systems but not on other systems. Additionally someone should add a protected property in GPG to not check these fingerprints
- 593E5D6A7107C285E698CB563C355822CCEBF9CB
- C5C26167A09555DB29DA4ECF06C57CED5C2FE148
- EB312FC936875A7BC236DE6A36992456A6869B39
Along with the originals
- 1013D73FECAC918A0A25823986CE877469D2EAD9
- 2016349F5BC6F49340FCCAF99F9169F4B33B4659
- 072410D159E9DA63A459AB203DDB2122FE6D84F7