# [solved] emerge-webrsync: this key has expired ID C9189250

## e3k

i am getting this message when trying to rsync the portage. i also removed that key from gpg and added some new one but it is still the same.

could you please help me with this?

----------

## e3k

 *e3k wrote:*   

> i am getting this message when trying to rsync the portage. i also removed that key from gpg and added some new one but it is still the same.
> 
> could you please help me with this?

 

```

# emerge-webrsync

!!! Repository 'gentoo' has sync-type attribute, but is missing sync-uri attribute

Fetching most recent snapshot ...

Trying to retrieve 20151129 snapshot from ftp://gd.tuwien.ac.at/opsys/linux/gentoo ...

Fetching file portage-20151129.tar.xz.md5sum ...

Fetching file portage-20151129.tar.xz.gpgsig ...

Fetching file portage-20151129.tar.xz ... Checking digest ...

Checking signature ...

gpg: Signature made Mon 30 Nov 2015 01:57:04 AM CET using RSA key ID C9189250

gpg: Good signature from "Gentoo Portage Snapshot Signing Key (Automated Signing Key)" [expired]

gpg: Note: This key has expired!

Primary key fingerprint: DCD0 5B71 EAB9 4199 527F 44AC DB6B 8C1F 96D8 BF6D

Subkey fingerprint: E1D6 ABB6 3BFC FB4B A02F DF1C EC59 0EEA C918 9250

Getting snapshot timestamp ...

Syncing local tree ...

Number of files: 205,113 (reg: 177,975, dir: 27,138) Number of created files: 274 (reg: 251, dir: 23)

Number of deleted files: 86 (reg: 84, dir: 2)

Number of regular files transferred: 10,902

Total file size: 391.36M bytes

Total transferred file size: 28.18M bytes Literal data: 28.18M bytes Matched data: 0 bytes

File list size: 393.17K

File list generation time: 0.001 seconds File list transfer time: 0.000 seconds

Total bytes sent: 14.52M

Total bytes received: 240.08K

sent 14.52M bytes received 240.08K bytes 310.84K bytes/sec

total size is 391.36M speedup is 26.51 Cleaning up ...

...

```

----------

## Ant P.

```
emerge -u app-crypt/gentoo-keys
```

----------

## e3k

 *Ant P. wrote:*   

> 
> 
> ```
> emerge -u app-crypt/gentoo-keys
> ```
> ...

 

thanks for the hint Ant P. but i did not use gentoo-keys before. after installing that nothing changed and i also was not able to to google a manual for that.

further i have found that gpg thinks about all my keys that they are still valid so why does webrsync think something else?

```

# GNUPGPHOME=/etc/portage/gnupgp gpg --edit-key 0xDB6B8C1F96D8BF6D

gpg (GnuPG) 2.0.28; Copyright (C) 2015 Free Software Foundation, Inc.

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.

pub  4096R/96D8BF6D  created: 2011-11-25  expires: 2016-07-01  usage: C      trust: ultimate      validity: ultimate         

     sub  4096R/C9189250  created: 2011-11-25  expires: 2016-07-01  usage: S           [ultimate] (1). Gentoo Portage Snapshot Signing Key (Automated Signing Key)

gpg>

```

----------

## schorsch_76

Because emerge uses a different key file.

```
# check portage tree by rsync

FEATURES="webrsync-gpg"

PORTAGE_GPG_DIR="/etc/portage/gpg"

```

```
gpg --homedir=/etc/portage/gpg --list-keys
```

----------

## e3k

 *schorsch_76 wrote:*   

> Because emerge uses a different key file.
> 
> ```
> # check portage tree by rsync
> 
> ...

 

when using the /etc/portage/gpg folder it still says those keys expire in 2016

----------

## schorsch_76

Have you tried to specify the --homedir option like in my example? Maybe the environment variable is not respected?

----------

## e3k

 *schorsch_76 wrote:*   

> Have you tried to specify the --homedir option like in my example? Maybe the environment variable is not respected?

 

exactly thank you very much schorsch! the GNUPGPHOME variable is not respected because it should be GNUPGHOME instead. problem solved  :Smile: 

----------

## dol-sen

Just for the record.  You should update keyrings periodically.

To update the emerge-webrsync keyring:

```
gpg --gpg --homedir=/etc/portage/gpg --refresh-keys
```

That will update the keyring with any changes made to the keys it contains, including the resetting of expiry dates or keys that have been revoked.

----------

## e3k

 *dol-sen wrote:*   

> Just for the record.  You should update keyrings periodically.
> 
> To update the emerge-webrsync keyring:
> 
> ```
> ...

 

it says --gpg is ambigous and also i had to add --keyserver subkeys.pgp.net

----------

