How to verify the integrity of a linux tarball? - linux

The tarballs of the Linux releases from https://www.kernel.org/ can be verified with .sign files. There's no information how to verify the tarball on the website or in the README in the tarball.

The following is derived from the instructions in "Linux kernel releases PGP signatures" on the kernel.org site, which say (in part): first (and only one time) install the public key like
$ gpg --keyserver hkp://keys.gnupg.net --recv-keys 6092693E
Then you can verify signatures like
$ xz -cd linux-3.1.5.tar.xz | gpg --verify linux-3.1.5.tar.sign -
with an expected output something like
gpg: Signature made Fri 09 Dec 2011 12:16:46 PM EST using RSA key ID 6092693E
gpg: Good signature from "Greg Kroah-Hartman
(Linux kernel stable release signing key) <greg@kroah.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 647F 2865 4894 E3BD 4571 99BE 38DB BDC8 6092 693E
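
The "WARNING: This key is not certified" lines above mean gpg cannot tell whether the key belongs to the expected signer, so the fingerprint comparison is what carries the check. As an added example (not part of the original answer or of kernel.org's instructions), this script does that comparison on gpg's machine-readable `--status-fd` output; `check_status`, `verify_tarball` and the sample status lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: accept a kernel tarball only if gpg reports a valid signature
# made by the pinned primary key, instead of reading "Good signature" by eye.

# Fingerprint from the "Primary key fingerprint" line above, spaces removed.
PINNED_FPR="647F28654894E3BD457199BE38DBBDC86092693E"

# check_status FPR: reads `gpg --status-fd` lines on stdin. Succeeds only if a
# VALIDSIG names FPR as primary key and no failure status appears.
check_status() {
    awk -v want="$1" '
        $1 != "[GNUPG:]" { next }
        $2 ~ /^(BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)$/ { bad = 1 }
        $2 == "VALIDSIG" {
            primary = (NF >= 12) ? $12 : $3   # field 12: primary key fingerprint
            if (toupper(primary) == toupper(want)) ok = 1; else bad = 1
        }
        END { exit !(ok && !bad) }'
}

# verify_tarball TARBALL.xz SIGFILE: hypothetical wrapper around the command above.
# fd 3 carries the status lines into the pipe; gpg's human output is discarded.
verify_tarball() {
    xz -cd "$1" | gpg --batch --status-fd 3 --verify "$2" - 3>&1 >/dev/null 2>&1 |
        check_status "$PINNED_FPR"
}

# Constructed status output (timestamps invented): signature by the pinned key.
SAMPLE_GOOD='[GNUPG:] GOODSIG 38DBBDC86092693E Greg Kroah-Hartman
[GNUPG:] VALIDSIG 647F28654894E3BD457199BE38DBBDC86092693E 2011-12-09 1323450986 0 4 0 1 2 00 647F28654894E3BD457199BE38DBBDC86092693E
[GNUPG:] TRUST_UNDEFINED'

# Constructed: cryptographically valid, but made by some other (placeholder) key.
SAMPLE_OTHER='[GNUPG:] GOODSIG AAAAAAAAAAAAAAAA Example Signer
[GNUPG:] VALIDSIG AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 2011-12-09 1323450986 0 4 0 1 2 00 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
[GNUPG:] TRUST_UNDEFINED'

printf '%s\n' "$SAMPLE_GOOD"  | check_status "$PINNED_FPR" && echo "pinned key: accept"
printf '%s\n' "$SAMPLE_OTHER" | check_status "$PINNED_FPR" || echo "other key: reject"
```

After importing the key, call `verify_tarball linux-3.1.5.tar.xz linux-3.1.5.tar.sign`; a non-zero exit status means the tarball should not be used.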

Related

gpg: no valid OpenPGP data found while adding ubuntu-toolchain package

I'm executing this command: sudo add-apt-repository ppa:ubuntu-toolchain-r/test
And I'm getting this output in terminal:
gpg: keybox '/tmp/tmphrotribt/pubring.gpg' created
gpg: /tmp/tmphrotribt/trustdb.gpg: trustdb created
gpg: key 1E9377A2BA9EF27F: public key "Launchpad Toolchain builds" imported
gpg: Total number processed: 1
gpg: imported: 1
gpg: no valid OpenPGP data found.
Did the command execute successfully? Or is the last line of output, "gpg: no valid OpenPGP data found.", an error?

Need to know kernel gpg (--keyserver) command addresses -- gpg command

I am running Debian 5.10.0-kali7-amd64 and compiling kernel linux-5.12-6. When I run
gpg --keyserver subkeys.pgp.net --recv-keys xxxxxxxx....
command
it gives
gpg: keyserver receive failed: No route to host
and when I run
gpg --recv-keys xxxx
it gives following
gpg: key 38DBBDC86092693E: new key but contains no user ID - skipped
gpg: Total number processed: 1
gpg: w/o user IDs: 1
What is the above error? This link says:
https://superuser.com/questions/1485213/gpg-cant-import-key-new-key-but-contains-no-user-id-skipped
You are probably using the xxxx.org keyserver, which has an owner approval system it will strip all user IDs unless the owner of the corresponding email address has allowed them to be published.
Or how to verify the kernel
For kernel compiling I am using this tutorial https://www.cyberciti.biz/tips/compiling-linux-kernel-26.html
It also talks about verifying kernel sign with gpg --recv-keys xxxx.... again it also gives
gpg: key 38DBBDC86092693E: new key but contains no user ID - skipped
gpg: Total number processed: 1
gpg: w/o user IDs: 1
how to resolve the above so I get output of gpg --recv-keys xxxxx... something like following
gpg: key xxxx: 7 duplicate signatures removed
gpg: key xxxxx: 172 signatures not checked due to missing keys
gpg: /home/vivek/.gnupg/trustdb.gpg: trustdb created
gpg: key 79BE3E4300411886: public key "Linus Torvalds torvalds@kernel.org" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
The instructions for that particular key are given at:
https://www.kernel.org/signature.html
I cannot vouch for the security of following those instructions, other than to say that they are hosted on kernel.org and delivered via https.
In case the URL mentioned above breaks (gets moved or deleted), I have the broad strokes of the solution listed below. I've removed the parts that specifically refer to gregkh@kernel.org who is associated with the key (RSA key ID 38DBBDC86092693E) you mentioned
gpg2 --locate-keys torvalds@kernel.org gregkh@kernel.org
gpg2 --tofu-policy good <RSAKEY_IN_DOUBT>
gpg2 --trust-model tofu --verify linux-5.12-6.tar.sign

Hyperledger Fabric: Chain file does not exist at /etc/hyperledger/fabric-ca-server/ca-chain.pem

We get this error when trying to enroll a user against an intermediate CA:
root@dda3b6a7d56c:/home# fabric-ca-client enroll -u http://ica-admin:ica-adminpw@ica-jnj:7054 -M ica-admin
2019/03/21 16:47:27 [INFO] Created a default configuration file at /root/.fabric-ca-client/fabric-ca-client-config.yaml
2019/03/21 16:47:27 [INFO] generating key: &{A:ecdsa S:256}
2019/03/21 16:47:27 [INFO] encoded CSR
Error: Response from server: Error Code: 0 - Chain file does not exist at /etc/hyperledger/fabric-ca-server/ca-chain.pem
We started our intermediate CA (ica-jnj server) like this:
root@710d3b5984cd:/etc/hyperledger/fabric-ca-server# fabric-ca-server start -b ica-admin:ica-adminpw -u http://admin:adminpw@rca-jnj:7054
We are not using any TLS. How can we fix this error?
The most likely cause of this error is that the files ca-cert.pem and ca-key.pem were not deleted before starting the intermediate CA. When an instance of fabric-ca is created, it automatically comes with the above 2 files inside the /etc/hyperledger/fabric folder. These files need to be deleted for an intermediate CA. Once you do that, after starting the fabric-ca-server you should see the ca-chain.pem file in the directory. The chain file can be inspected by running:
openssl crl2pkcs7 -nocrl -certfile ca-chain.pem | openssl pkcs7 -print_certs -text -noout
and will show the chain from intermediate CA to root CA

gpg: Key generation canceled

I am having a hard time generating a gpg keypair in linux. I am following the steps in this tutorial: https://www.gnupg.org/gph/en/manual/c14.html
However, after it asks me for a passphrase and I insert one, I get the following message:
gpg: can't connect to the agent: IPC connect call failed
gpg: problem with the agent: No agent running
gpg: can't connect to the agent: IPC connect call failed
gpg: problem with the agent: No agent running
gpg: Key generation canceled.
What could be the problem here?
In a shell, run the following commands:
pkill -9 gpg-agent
source <(gpg-agent --daemon)

openSUSE shim certificate for uefi secure boot

Is openSUSE shim bootloader signed with openSUSE private key?
If so, where can I find the corresponding openSUSE certificate for secure boot verification purpose?
A public key can be retrieved from the shim source package:
Download
http://download.opensuse.org/source/distribution/13.1/repo/oss/suse/src/shim-0.2-3.1.src.rpm
Extract using e.g.:
rpm2cpio shim-0.2-3.1.src.rpm | cpio -dium
Unpack tar-ball that is inside:
tar -xJf shim-12.3-update.tar.xz
The certificate can now be found in the usr/lib64/efi subdir:
openssl x509 -inform der -in usr/lib64/efi/shim-opensuse.der -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=openSUSE Secure Boot CA, C=DE, L=Nuremberg, O=openSUSE Project/emailAddress=build@opensuse.org
You can verify 2nd stage bootloaders and kernels using sbverify from the sbsigntool package (that's what it's called on Ubuntu).
