ERROR: Exhausted all sources trying to fetch version 'latest' of RVM - ruby-on-rails

I am configuring CentOS 6 Server. i am trying to install rvm but i am getting error. when i try to install rvm in server. Can anyone knows the reason?
step1.
gpg --keyserver hkp://pool.sks-keyservers.net:80 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
OUTPUT
gpg: key D39DC0E3: "Michal Papis (RVM signing) <mpapis#gmail.com>" not changed
gpg: key D39DC0E3: "Totally Legit Signing Key <mallory#example.org>" not changed
gpg: key 39499BDB: "Piotr Kuczynski <piotr.kuczynski#gmail.com>" not changed
gpg: Total number processed: 3
gpg: unchanged: 3
step 2 (where i get error)
curl -sSL https://get.rvm.io | bash -s stable
Output
WARN: ...the preceeding error with code 35 occurred while fetching https://api.github.com/repos/rvm/rvm/tags
curl: (35) SSL connect error
WARN: ...the preceeding error with code 35 occurred while fetching https://api.bitbucket.org/2.0/repositories/mpapis/rvm/refs/tags?sort=-name&pagelen=20
ERROR: Exhausted all sources trying to fetch version 'latest' of RVM!

What is the version of cURL in your server?
This might shed some light: cURL SSL connect error 35 with NSS error -5961

Related

Error while installing ROS : gpg: no valid OpenPGP data found

xyz#ubuntu:~$ curl -s https://raw.githubusercontent.com/ros/rosdistro/master/ros.asc | sudo apt-key add -
gpg: no valid OpenPGP data found.
getting this error while installing ROS noetic in ubuntu 20.04.5, arm64, UTM
Tried few steps but didn't worked

error while installing RVM (gpg key problem)

I am trying to install RVM on my ubuntu system using this blog. https://rvm.io/
when I run these command
gpg2 --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
\curl -sSL https://get.rvm.io | bash -s stable
I am getting this problem.
Downloading https://github.com/rvm/rvm/archive/1.29.9.tar.gz
Downloading https://github.com/rvm/rvm/releases/download/1.29.9/1.29.9.tar.gz.asc
gpg: Signature made Wednesday 10 July 2019 02:01:02 PM IST
gpg: using RSA key 7D2BAF1CF37B13E2069D6956105BD0E739499BDB
gpg: Good signature from "Piotr Kuczynski <piotr.kuczynski#gmail.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 7D2B AF1C F37B 13E2 069D 6956 105B D0E7 3949 9BDB
GPG verified '/usr/share/rvm/archives/rvm-1.29.9.tgz'
tar: binscripts: Cannot utime: Operation not permitted
tar: config/solaris: Cannot utime: Operation not permitted
tar: config: Cannot utime: Operation not permitted
tar: contrib/hudson: Cannot utime: Operation not permitted
tar: contrib: Cannot utime: Operation not permitted
tar: docs: Cannot utime: Operation not permitted
I think keys are not working. Does anyone knows how to solve this problem?
Looks like the ubuntu rvm package is already installed and you are trying to install rvm again. If you installed using the package, there is no need to run the manual install steps, rvm will work.
To remove the package, just use sudo apt purge rvm. After it finishes, check if you have any presence of /usr/share/rvm and delete the folder in case it's present.
After that, you can get the latest rvm through the steps you are already doing.

rvm installed and not found

installed rvm this way on debian server:
root#aaa-env1-chef-demo-dal01:/home/partuck# curl -L https://get.rvm.io | bash -s stable
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 184 100 184 0 0 1149 0 --:--:-- --:--:-- --:--:-- 1628
100 22721 100 22721 0 0 84938 0 --:--:-- --:--:-- --:--:-- 84938
Downloading https://github.com/rvm/rvm/archive/1.26.11.tar.gz
Downloading https://github.com/rvm/rvm/releases/download/1.26.11/1.26.11.tar.gz.asc
gpg: Signature made Mon Mar 30 21:52:13 2015 UTC using RSA key ID BF04FF17
gpg: Good signature from "Michal Papis (RVM signing) <mpapis#gmail.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 409B 6B17 96C2 7546 2A17 0311 3804 BB82 D39D C0E3
Subkey fingerprint: 62C9 E5F4 DA30 0D94 AC36 166B E206 C29F BF04 FF17
GPG verified '/usr/local/rvm/archives/rvm-1.26.11.tgz'
Upgrading the RVM installation in /usr/local/rvm/
Upgrade of RVM in /usr/local/rvm/ is complete.
# partuck,
#
# Thank you for using RVM!
# We sincerely hope that RVM helps to make your life easier and more enjoyable!!!
#
# ~Wayne, Michal & team.
In case of problems: http://rvm.io/help and https://twitter.com/rvm_io
Upgrade Notes:
* No new notes to display.
root#aaa-env1-chef-demo-dal01:/home/partuck# rvm list
bash: rvm: command not found
As you can see the rvm is still not avaiable. there is no ~/.rvm directory to source (~/.source ~/.rvm/scripts/rvm)
Looks like you install rvm on a system-wide, run command:
$ source /etc/profile.d/rvm.sh
and check again:
$ rvm -v
or restart shell. thx #Gearmode
You could fix this issue by writing
source ~/.rvm/scripts/rvm
in .bashrc file.

RVM install on Ubuntu failing (error importing public key) [Kodign VM]

I am trying to install RVM in my Ubuntu machine with the following info:
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04 LTS
I am doing this by following the official RVM guide, presented here:
https://rvm.io/rvm/install
However I fail in the very first command, I cannot import mpapi's public key (even when using sudo):
gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
I get the following error:
fl4m3ph03n1x: ~ $ sudo gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
gpg: WARNING: unsafe ownership on configuration file `/home/fl4m3ph03n1x/.gnupg/gpg.conf'
gpg: external program calls are disabled due to unsafe options file permissions
gpg: keyserver communications error: general error
gpg: keyserver receive failed: general error
At first I thought that the problem was a permission issue (by checking the warning), but after reading and trying out the solution in the discussion below nothing changed.
gpg: WARNING: unsafe ownership on configuration file, $gpg --fingerprint on Ubuntu9.10
Here are the permissions on the file:
fl4m3ph03n1x: ~ $ ls -ld /home/fl4m3ph03n1x/.gnupg/gpg.conf
-rwx------ 1 fl4m3ph03n1x fl4m3ph03n1x 9398 Jul 21 14:43 /home/fl4m3ph03n1x/.gnupg/gpg.conf
fl4m3ph03n1x: ~ $ ls -l /home/fl4m3ph03n1x/.gnupg/gpg.conf
-rwx------ 1 fl4m3ph03n1x fl4m3ph03n1x 9398 Jul 21 14:43 /home/fl4m3ph03n1x/.gnupg/gpg.conf
What am I doing wrong ? How can I fix my problem?
It turns out that the problem was indeed fixed by file permissions. There are a few things I want to point out however.
The solution for this problem relies in changing the permission of several files in cascade.
For a more complete answer on permissions, I recommend this discussion, suggested by Maxim Pontyushenko:
gpg: WARNING: unsafe ownership on configuration file, $gpg --fingerprint on Ubuntu9.10
Now for the solution itself. You must changed the ownership and the read/write permissions of the following files, in the following order:
/home/[username]/.gnupg/gpg.conf
/home/[username]/.gnupg/pubring.gpg
/home/[username]/.gnupg/trustdb.gpg
You must change the permissions on these 3 files in this specific order.
Additionally, do not run the gpg command using sudo.
If you do it, you will be stuck on a error regarding safe file permissions to which i was not able to find any solution.
Instead, run the gpg command using your username.
I hope this helps the next person having problems. Kudos++ to all who commented!

rvm installation gpg key warning

To install rvm, I use the command provided on the rvm website (https://rvm.io/rvm/install) to install stable versions of rvm:
\curl -sSL https://get.rvm.io | bash -s stable --ruby
I am a little concerned about the warning I get from gpg: "There is no indication that the signature belongs to the owner." Is this gpg just being a bit too picky? The primary key fingerprint (409B 6B17 96C2 7546 2A17 0311 3804 BB82 D39D C0E3) matches Michal Papis so that is re-assuring.
But then why does gpg warn that "This key is not certified with a trusted signature! There is no indication that the signature belongs to the owner"? This reminds me of Certificate Authorities (CAs) and not paying a CA, but doesn't gpg work differently?
Output during installation:
Downloading https://github.com/rvm/rvm/archive/1.26.11.tar.gz
Downloading https://github.com/rvm/rvm/releases/download/1.26.11/1.26.11.tar.gz.asc
gpg: Signature made Mon Mar 30 14:52:13 2015 PDT using RSA key ID BF04FF17
gpg: Good signature from "Michal Papis (RVM signing) <mpapis#gmail.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 409B 6B17 96C2 7546 2A17 0311 3804 BB82 D39D C0E3
Subkey fingerprint: 62C9 E5F4 DA30 0D94 AC36 166B E206 C29F BF04 FF17
GPG verified '/Users/MyHome/.rvm/archives/rvm-1.26.11.tgz'
GnuPG does more than verifying a hash sum, it can also help you at verifying who issued a signature.
This line tells you, that the signature is valid (file is untampered) and was made using a certain key.
gpg: Good signature from "Michal Papis (RVM signing) <mpapis#gmail.com>"
Simply having a key locally does not help you at deciding whom it really belongs to:
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 409B 6B17 96C2 7546 2A17 0311 3804 BB82 D39D C0E3
GnuPG requires a trust path from a key owned by you to the key you want to validate, similarly to the chain of trust for X.509 (as used in HTTPS ...).
A basic approach to verifying the key manually would be comparing its fingerprint against the one provided on the TLS-secured download page (https://rvm.io/rvm/install), which hopefully are equal (don't care whether there are spaces or not in-between, that's just for readability). This way, you'll have to trust the web page, but not care for the rather complex OpenPGP trust idea. Using the OpenPGP web of trust to validate key ownership, you can probably be more certain of the issuer, you have to decide on your own how much effort you put into the validation.
It's fine. I don't think you actually need to use SSL anyway but if you do so as per the instructions on the rvm page, make sure you add the key first.
gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
\curl -sSL https://get.rvm.io | bash -s stable

Resources