Now when I was looking on the Proxmox repos http://download.proxmox.com/debian/ they seem to use another type of signing keys I do not really understand. They are not in “clear” text so not really sure how to handle them.
I can sync the repos without assigning GPG keys to the repos but figured it should be possible to assign one? Any ideas?
Unable to verify any Release files from 'http://download.proxmox.com/debian/dists/bullseye' using the GPG key provided.
If I manually download the InRelease file, and obtain the key using the method described here, I end up with the same key that did not work during sync, and can use it to verify locally on my laptop.
@tedevil Can you open an issue for this? Issues - Katello - Foreman Please link to this thread from the issue, and post the issue in this thread when you are done.
Not used to work with Debian distros/repos but I see on the Proxmox nodes the directory /etc/apt/trusted.gpg.d that contains some keys.
ex.
proxmox-release-bookworm.gpg
I assume this key is used by the Proxmox node but looks encrypted or something since it is not in clear text.
key.asc is on the repo and looks like a “normal” key but as you said, does not work to use with Foreman.
Yes, unfortunately the keys are not ASCII-armoured. But fear not, it is fairly easy to convert them.
You can simply import the key into your local GPG keyring and export it in armored format:
