Package Details: tor-browser-bin 14.0.3-1

Git Clone URL: https://aur.archlinux.org/tor-browser-bin.git (read-only, click to copy)
Package Base: tor-browser-bin
Description: Tor Browser Bundle: anonymous browsing using Firefox and Tor
Upstream URL: https://www.torproject.org/projects/torbrowser.html
Licenses: MPL-2.0
Conflicts: tor-browser
Provides: tor-browser
Submitter: FabioLolix
Maintainer: grufo (jugs)
Last Packager: jugs
Votes: 1280
Popularity: 1.05
First Submitted: 2023-09-24 17:45 (UTC)
Last Updated: 2024-12-06 14:48 (UTC)

Pinned Comments

grufo commented on 2019-08-15 02:22 (UTC)

Before running makepkg, you must do this (as normal user):

$ gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org

If you want to update tor-browser from AUR without AUR helpers you can run in a terminal:

$ tor-browser -u

Latest Comments

« First ‹ Previous 1 .. 17 18 19 20 21 22 23 24 25 26 27 .. 77 Next › Last »

grufo commented on 2019-08-15 02:27 (UTC)

@DDoSolitary Done! Thank you!

grufo commented on 2019-08-15 02:22 (UTC)

Before running makepkg, you must do this (as normal user):

$ gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org

If you want to update tor-browser from AUR without AUR helpers you can run in a terminal:

$ tor-browser -u

DDoSolitary commented on 2019-08-13 06:49 (UTC)

The release signing key has been poisoned on the SKS key servers, so the recommended way of fetching the key is gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org, according to https://support.torproject.org/#how-to-verify-signature.

@grufo Please update your pinned comment accordingly.

je-vv commented on 2019-07-21 22:20 (UTC) (edited on 2019-07-21 22:21 (UTC) by je-vv)

An alternative gpg public key will be required (with corresponding signature files as well). Not sure if any of the other keys for tor-browser devs:

https://2019.www.torproject.org/docs/signing-keys.html.en

Can be used, with new asc files... I also had to get rid of another old key from Tor and another one from Enigmail...

l0b0 commented on 2019-07-10 09:21 (UTC)

The Tor browser key seems to have been spammed (https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f) - there were 121,244 signatures on it before I deleted it from pubkeys and saved 10 MB! Considering gpg --list-keys went from a few minutes to about a single second after deleting it's likely that this key will cause massive slow-down for people trying to validate the installation.

grufo commented on 2019-07-05 00:04 (UTC)

@barkley128 There is nothing to fix, the PKGBUILD does not contain any information about PGP servers. These you have to provide yourself, and if a server does not work, all you have to do is to search for another server.

-- grufo

barkley128 commented on 2019-07-04 08:32 (UTC) (edited on 2019-07-04 09:41 (UTC) by barkley128)

Can't you fix some key issue? Tried the latest methods in comments. The pgp.mit.edu site doesn't work. The full key import doesn't work. Please fix the package, or reupload the key to some working key server. Found one! This one imported nicely: gpg --keyserver pgp.surfnet.nl --recv-keys 0x4E2C6E8793298290