Package Details: tor-browser-en 6.5.1-1

Git Clone URL: https://aur.archlinux.org/tor-browser-en.git (read-only)
Package Base: tor-browser-en
Description: Tor Browser Bundle: Anonymous browsing using firefox and tor
Upstream URL: https://www.torproject.org/projects/torbrowser.html.en
Keywords: tor
Licenses: GPL
Submitter: Maxr
Maintainer: yar (jugs)
Last Packager: yar
Votes: 652
Popularity: 22.478418
First Submitted: 2011-10-14 19:30
Last Updated: 2017-03-07 21:07

Pinned Comments

yar commented on 2017-01-25 09:14

Before running makepkg, you must do this:

gpg --keyserver pool.sks-keyservers.net --recv-keys D1483FA6C3C07136

See below for details.

Latest Comments

ant commented on 2017-02-22 11:46

yar: for beginners I with to add that the gpg command must be run as the same user compiling the package, not as root.

Plexcon commented on 2017-02-13 18:58

tor-browser-en 6.5-1 trabaja correctamente en Manjaro KDE Edition (16.10.3)

liljaylj commented on 2017-02-06 12:31

Hello, could you please change source url to those provided by GitHub (for x86_64: https://github.com/TheTorProject/gettorbrowser/releases/download/v6.5/tor-browser-linux64-6.5_en-US.tar.xz), because dist.torproject.org domain is blocked here in Kazakhstan. Thanks

Mark0009 commented on 2017-01-29 17:32

For the GPL license just copy that on your terminal: gpg --recv-keys 0x4E2C6E8793298290

Mark0009 commented on 2017-01-29 17:31

NICE ! ! ! 10/10

Alpha commented on 2017-01-29 17:01

@yar I got two work-around

1. As gnupg is failing to download the public key it can be done manually by this command:
curl "https://pgp.mit.edu/pks/lookup?op=get&search=0x4E2C6E8793298290" -o - | gpg --import

2. Gpg key verification can be skipped by replacing a pkgbuild line which is not recommended as tor is a very crucial piece of software. The line is:
validpgpkeys=('EF6E286DDA85EA2A4BA7DE684E2C6E8793298290' 'SKIP')

Process 1 is safe, 2 is risky and totally your choice. Peace!

fightcookie commented on 2017-01-27 15:23

@beroal Sorry, I confused the fingerprints with the keys itself. Now i understand it and have no problem with this packagebuild :)
Still, it would be nice if there would be a mechanism in makepkg to embed the whole key or at least instruct it to download it...

kyak commented on 2017-01-27 05:05

@kerberizer good for you, but i was using 2.1.17-4 at that time.
It contained incorrect patch, and so didn't work. In fact, it was silently fixed without a version bump: https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/gnupg&id=fff9ea5d38f76133a9ed5c38bc7dcf35591d33f6

Anyway, thanks for your feedback. The command from pinned message should work now for everyone running the latest gnupg.

kerberizer commented on 2017-01-26 16:00

@kyak:

$ pacman -Q gnupg
gnupg 2.1.18-1

$ killall dirmngr
dirmngr: no process found

$ killall gnome-keyring-daemon

$ mv ~/.gnupg{,.tmp}

$ gpg -k
gpg: directory '/home/<redacted>/.gnupg' created
gpg: new configuration file '/home/<redacted>/.gnupg/dirmngr.conf' created
gpg: new configuration file '/home/<redacted>/.gnupg/gpg.conf' created
gpg: keybox '/home/<redacted>/.gnupg/pubring.kbx' created
gpg: /home/<redacted>/.gnupg/trustdb.gpg: trustdb created

$ gpg --keyserver pool.sks-keyservers.net --recv-keys D1483FA6C3C07136
gpg: key 4E2C6E8793298290: public key "Tor Browser Developers (signing key) <torbrowser@torproject.org>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1

$ makepkg -cCs
==> Making package: tor-browser-en 6.5-1 (Thu 26 Jan 17:53:58 EET 2017)
(...snip...)
==> Finished making: tor-browser-en 6.5-1 (Thu 26 Jan 17:54:14 EET 2017)

Please let me know if there are other tests or information that might help you find the cause of the problem you encounter.

kyak commented on 2017-01-26 15:35

@kerberizer obviously, you've already had the needed gpg key imported while running an older version of gnupg.
Try (re)moving the ~/.gnupg directory, killing dirmngr (or rebooting) and have a lot of "fun" with the latest gnupg.

What bothers me most is that people are not able to read even two comments back and try downgrading gnupg and then reporting back if it worked or not.

There are two types of commenters here: 1) It works for me, fix your problem and 2) It doesn't work for me, and i can't read.

All comments