Package Details: firefox-nightly 57.0a1.20170802-1

Git Clone URL: https://aur.archlinux.org/firefox-nightly.git (read-only)
Package Base: firefox-nightly
Description: Standalone Web Browser from Mozilla — Nightly build (en-US)
Upstream URL: https://www.mozilla.org/en-US/firefox/nightly
Keywords: browser gecko web
Licenses: GPL, MPL, LGPL
Submitter: None
Maintainer: ArchangeGabriel
Last Packager: ArchangeGabriel
Votes: 489
Popularity: 16.729908
First Submitted: 2008-09-10 14:23
Last Updated: 2017-08-02 22:34

Required by (1)

Sources (8)

Pinned Comments

ArchangeGabriel commented on 2017-06-15 12:42

If you face this:
==> Verifying source file signatures with gpg...
yyyymmdd-firefox-xx.0a1.en-US.linux-${CARCH}.tar.bz2 ... FAILED (unknown public key BBBEBDBB24C6F355)
==> ERROR: One or more PGP signatures could not be verified!
==> ERROR: Makepkg was unable to build firefox-nightly.

Please read this:
https://wiki.archlinux.org/index.php/Makepkg#Signature_checking

Short answer:
gpg --recv-key 0x61B7B526D98F0353

Latest Comments

Akrai commented on 2017-08-16 19:10

please STOP FLAGGING THIS as out of date, you get the latest version of firefox nightly every time you install it, there is literally no need to update DAILY the pkgbuild just to change the date of the package, just have in mind that every day there is a new build, if you want it just reinstall the package

ArchangeGabriel commented on 2017-08-13 17:37

@ChoromPotro What are you trying to say with this OOD flag?

NdranC commented on 2017-08-09 13:40

I managed to install the key manually. I don't know why I'm not able to fetch any public key remotely as far as I can tell. Searching for this issue the last couple hours seems to have been futile. Thanks for your help.

ArchangeGabriel commented on 2017-08-09 08:53

Are you able to retrieve any other key? If not, take a look at fixing your gnupg setup.

NdranC commented on 2017-08-09 02:09

I have tried every single command linked in the last 10 comments and none of them worked for me. The error I get with every single one of them is:

gpg: keyserver receive failed: Server indicated a failure

Any ideas on why it works for some people and it doesn't for others? I can't even update my firefox-beta either because of a similar "integrity checking" issue.

EDIT: Don't know if it matters but the exact error I get when I try to install firefox-nightly doesn't mention exfalso. Here it is:

==> Verifying source file signatures with gpg...
20170808-firefox-57.0a1.en-US.linux-x86_64.tar.bz2 ... FAILED (unknown public key BBBEBDBB24C6F355)
==> ERROR: One or more PGP signatures could not be verified!
:: failed to verify firefox-nightly integrity

repo commented on 2017-08-08 16:09

gpg --delete-key 0x61B7B526D98F0353
gpg --recv-key 0x61B7B526D98F0353

Worked for me.

ArchangeGabriel commented on 2017-08-08 10:01

Once again, they didn’t change their key, only a sub key, so refreshing you’re existing one should work.

The master key you’re looking for is 0x61B7B526D98F0353: https://pgp.mit.edu/pks/lookup?op=vindex&search=0x61B7B526D98F0353

You can see the former subkey that expired (1C69C4E55E9905DB) and the new one that is now used (BBBEBDBB24C6F355).

Can you try `gpg --recv-keys --keyserver hkp://pgp.mit.edu 0xBBBEBDBB24C6F355` or `gpg --recv-keys --keyserver hkp://pgp.mit.edu 0x61B7B526D98F0353`?

And please be more specific with “does not work”, they are a lot of possibles issues.

t-ask commented on 2017-08-08 09:44

This works ==> "gpg --recv-key --keyserver hkp://gpg.mozilla.org 0xBBBEBDBB24C6F355" (don't forget the leading "0x")

Their key seems to be stored on their gpg server https://gpg.mozilla.org/pks/lookup?op=get&search=0xBBBEBDBB24C6F355 while I wonder where I can read an official statement that they changed their key. Searching for that key gave me no results. Any ideas?

Tromzy commented on 2017-08-08 08:58

Neither does "gpg --recv-keys --keyserver hkp://pgp.mit.edu BBBEBDBB24C6F355".

Tromzy commented on 2017-08-08 08:57

"gpg --recv-key 0x1C69C4E55E9905DB " does not work.

All comments