Package Details: tor-browser-en 6.5.2-1

Git Clone URL: https://aur.archlinux.org/tor-browser-en.git (read-only)
Package Base: tor-browser-en
Description: Tor Browser Bundle: Anonymous browsing using firefox and tor
Upstream URL: https://www.torproject.org/projects/torbrowser.html.en
Keywords: tor
Licenses: GPL
Submitter: Maxr
Maintainer: yar (jugs)
Last Packager: yar
Votes: 664
Popularity: 14.679105
First Submitted: 2011-10-14 19:30
Last Updated: 2017-04-20 07:12

Pinned Comments

yar commented on 2017-01-25 09:14

Before running makepkg, you must do this:

gpg --keyserver pool.sks-keyservers.net --recv-keys D1483FA6C3C07136

See below for details.

Latest Comments

sabe commented on 2017-05-13 15:08

As mentioned the gpg errors are an issue with default versions of gnupg in most linux distros, specifically a dns resolution issue. If you cannot be bothered downgrading your gnupg package then just ping the keyserver and use it's ip instead of its url.

ant commented on 2017-02-22 11:46

yar: for beginners I with to add that the gpg command must be run as the same user compiling the package, not as root.

Plexcon commented on 2017-02-13 18:58

tor-browser-en 6.5-1 trabaja correctamente en Manjaro KDE Edition (16.10.3)

liljaylj commented on 2017-02-06 12:31

Hello, could you please change source url to those provided by GitHub (for x86_64: https://github.com/TheTorProject/gettorbrowser/releases/download/v6.5/tor-browser-linux64-6.5_en-US.tar.xz), because dist.torproject.org domain is blocked here in Kazakhstan. Thanks

Mark1 commented on 2017-01-29 17:32

For the GPL license just copy that on your terminal: gpg --recv-keys 0x4E2C6E8793298290

Mark1 commented on 2017-01-29 17:31

NICE ! ! ! 10/10

now-im commented on 2017-01-29 17:01

@yar I got two work-around

1. As gnupg is failing to download the public key it can be done manually by this command:
curl "https://pgp.mit.edu/pks/lookup?op=get&search=0x4E2C6E8793298290" -o - | gpg --import

2. Gpg key verification can be skipped by replacing a pkgbuild line which is not recommended as tor is a very crucial piece of software. The line is:
validpgpkeys=('EF6E286DDA85EA2A4BA7DE684E2C6E8793298290' 'SKIP')

Process 1 is safe, 2 is risky and totally your choice. Peace!

fightcookie commented on 2017-01-27 15:23

@beroal Sorry, I confused the fingerprints with the keys itself. Now i understand it and have no problem with this packagebuild :)
Still, it would be nice if there would be a mechanism in makepkg to embed the whole key or at least instruct it to download it...

kyak commented on 2017-01-27 05:05

@kerberizer good for you, but i was using 2.1.17-4 at that time.
It contained incorrect patch, and so didn't work. In fact, it was silently fixed without a version bump: https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/gnupg&id=fff9ea5d38f76133a9ed5c38bc7dcf35591d33f6

Anyway, thanks for your feedback. The command from pinned message should work now for everyone running the latest gnupg.

kerberizer commented on 2017-01-26 16:00

@kyak:

$ pacman -Q gnupg
gnupg 2.1.18-1

$ killall dirmngr
dirmngr: no process found

$ killall gnome-keyring-daemon

$ mv ~/.gnupg{,.tmp}

$ gpg -k
gpg: directory '/home/<redacted>/.gnupg' created
gpg: new configuration file '/home/<redacted>/.gnupg/dirmngr.conf' created
gpg: new configuration file '/home/<redacted>/.gnupg/gpg.conf' created
gpg: keybox '/home/<redacted>/.gnupg/pubring.kbx' created
gpg: /home/<redacted>/.gnupg/trustdb.gpg: trustdb created

$ gpg --keyserver pool.sks-keyservers.net --recv-keys D1483FA6C3C07136
gpg: key 4E2C6E8793298290: public key "Tor Browser Developers (signing key) <torbrowser@torproject.org>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1

$ makepkg -cCs
==> Making package: tor-browser-en 6.5-1 (Thu 26 Jan 17:53:58 EET 2017)
(...snip...)
==> Finished making: tor-browser-en 6.5-1 (Thu 26 Jan 17:54:14 EET 2017)

Please let me know if there are other tests or information that might help you find the cause of the problem you encounter.

All comments