View Full Version : ROS Key's update

06-26-2019, 04:02 PM
If your haveing troble updateing this is why.
"The machine hosting build.ros.org 47 (http://build.ros.org), which is the build farm for ROS 1, was recently compromised. We took that machine offline and are in the process of deploying a new farm, with the known exploit patched.
The compromise included local privilege escalation sufficient to access the GPG private key used for signing Debian packages and to push Debian packages into the public-facing repository. We have no reason to believe that any such malicious activity occurred, but at this point we are unable to rule it out.
So, in an abundance of caution, we are using a newly generated GPG key pair for the new build.ros.org 47 (http://build.ros.org). Because the same GPG key is used to build ROS 2 packages we also swapped the key on build.ros2.org 5 (http://build.ros2.org).
As a result of the farm redeployment and key change, users who are installing or updating ROS packages may encounter service disruptions.
We are working diligently to get back to normal operation as quickly as possible and will provide more updates as we have them."
On Both machines use :
On both the robot and your workstation you need to add the new key:
sudo apt-key adv --keyserver 'hkp://keyserver.ubuntu.com:80' --recv-key C1CF6E31E6BADE8868B172B4F42ED6FBAB17C654
And remove the old one:
sudo apt-key del 421C365BD9FF1F717815A3895523BAEEB01FA116

Hope this helps.

06-26-2019, 07:43 PM
The internet is a well engineered system with a robust security model. Any apparent similarity to a house of cards is entirely coincidental.