Yes, your key is expired. The SUSE download page explicitly says you should fetch the key from their place to avoid using old keys. Some platforms do that automatically, but Ubuntu apparently does not(?)
The key you grabbed, seems to be a completely unrelated key. It does not seem to be coming from the openSUSE OBS at all. To me, it looks more like a key for server package signing, rather than desktop client – but also not expired at all.
gpg: WARNING: no command supplied. Trying to guess what you mean ...
pub rsa2048 2013-08-26 [SC] [expires: 2023-08-23]
DDA2C105C4B73A6649AD2BBD47AE7F72479BC94B
uid ownCloud build service <obsrun@localhost>
sub rsa2048 2013-08-26 [E] [expires: 2023-08-23]
sub dsa2048 2013-08-26 [S] [expires: 2023-08-23]
sub elg2048 2013-08-26 [E] [expired: 2018-08-25]
@plettich Thanks for confirming!
I’ve done some web crawling, and it seems, indeed, the keyservers out there disagree, weather our key exists, is expired, or is valid:
I don’t have any information if Ubuntu apt-get would grab keys from the public key servers at all.
(I can see that e.g. Fedora is updating keys frequently.)
In case it does, I’ve pushed the updated key to the list of servers above. They now all report an expiry date of 2022-04-02 – hope that helps in the unattended update case, or somewhere else
In case it does, I’ve pushed the updated key to the list of servers above. They now all report an expiry date of 2022-04-02 – hope that helps in the unattended update case, or somewhere else
curl -L https://download.owncloud.com/desktop/ownCloud/stable/latest/linux/Ubuntu_18.04/Release.key | gpg -
gpg: WARNING: no command supplied. Trying to guess what you mean …
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1412 100 1412 0 0 10537 0 --:–:-- --:–:-- --:–:-- 10537
pub rsa2048 2015-09-28 [SC] [ expired: 2023-04-05]
06D7EADE708A40FA136EB4540700205DFD41A71A
uid devel OBS Project devel@s2.owncloud.com
