Package Details: tor-browser-bin 14.0.3-1

Git Clone URL: https://aur.archlinux.org/tor-browser-bin.git (read-only, click to copy)
Package Base: tor-browser-bin
Description: Tor Browser Bundle: anonymous browsing using Firefox and Tor
Upstream URL: https://www.torproject.org/projects/torbrowser.html
Licenses: MPL-2.0
Conflicts: tor-browser
Provides: tor-browser
Submitter: FabioLolix
Maintainer: grufo (jugs)
Last Packager: jugs
Votes: 1280
Popularity: 1.01
First Submitted: 2023-09-24 17:45 (UTC)
Last Updated: 2024-12-06 14:48 (UTC)

Pinned Comments

grufo commented on 2019-08-15 02:22 (UTC)

Before running makepkg, you must do this (as normal user):

$ gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@torproject.org

If you want to update tor-browser from AUR without AUR helpers you can run in a terminal:

$ tor-browser -u

Latest Comments

« First ‹ Previous 1 .. 36 37 38 39 40 41 42 43 44 45 46 .. 77 Next › Last »

beroal commented on 2017-01-15 10:33 (UTC)

@fightcookie: When "then"? Which "these keys"?

xuiqzy commented on 2017-01-14 23:11 (UTC)

but then we would trust these keys for all packages? isn't the validpgpkeys array in the pkgbuild exactly the right way of verifying only this package, as currently there are keys in there, too!? (but only the wrong ones) (see pkgbuild arch wiki) optimal would be a mechanism for knowing when the pgp key for only this package changes...

beroal commented on 2017-01-14 07:00 (UTC) (edited on 2017-01-14 07:01 (UTC) by beroal)

@ratcheer: See my comment under "All comments."

ratcheer commented on 2017-01-12 20:00 (UTC)

I also get this problem with the AUR package: tor-browser-linux64-6.0.8_en-US.tar.xz ... FAILED (unknown public key 2E1AC68ED40814E0)

xuiqzy commented on 2017-01-06 02:11 (UTC)

Can you please change the validpgpkeys to the correct ones since the current ones are not the ones the paackage is signed with? https://wiki.archlinux.org/index.php/PKGBUILD#validpgpkeys

pigmonkey commented on 2017-01-05 04:23 (UTC)

You may have a MITM. For me dist.torproject.org has a valid certificate from DigiCert. Extended validation: No Signature: SHA-256/RSA Key: 2048 bits RSA Common name: *.torproject.org Issued to: The Tor Project, Inc. Issued by: DigiCert Inc www.digicert.com Validity: 4/14/2016 -- 5/29/2019 Fingerprint: 34:10:F9:2B:0C:7E:EC:81:86:EE:B3:F8:FC:B0:EC:01:DD:CD:90:FB:7F:0C:ED:17:FC:B9:A9:08:70:0C:6A:42

marcin commented on 2017-01-05 04:12 (UTC)

Curl ssl certificate problem: curl: (60) SSL certificate problem: self signed certificate in certificate chain More details here: https://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. ==> ERROR: Failure while downloading https://dist.torproject.org/torbrowser/6.0.8/tor-browser-linux64-6.0.8_en-US.tar.xz Aborting... ==> ERROR: Makepkg was unable to build tor-browser-en. ==> Restart building tor-browser-en ? [y/N] ==> --------------------------------------- This seems to be torproject fault. Even manual going to https://dist.torproject.org/torbrowser/6.0.8/tor-browser-linux64-6.0.8_en-US.tar.xz in a chrome/chromium results in Privacy error.

indunil commented on 2016-12-15 02:14 (UTC) (edited on 2016-12-15 02:15 (UTC) by indunil)

Hey Guys, I'm having an issue on the tor update. "Failure while downloading https://dist.torproject.org/torbrowser/6.0.8/tor-browser-linux64-6.0.8_en-US.tar.xz Aborting..." -> Downloading tor-browser-linux64-6.0.8_en-US.tar.xz... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 curl: (60) SSL certificate problem: self signed certificate in certificate chain More details here: https://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option. ==> ERROR: Failure while downloading https://dist.torproject.org/torbrowser/6.0.8/tor-browser-linux64-6.0.8_en-US.tar.xz Aborting... ==> ERROR: Makepkg was unable to build tor-browser-en. ==> Restart building tor-browser-en ? [y/N] Please help

iskenderoguz commented on 2016-11-26 19:15 (UTC)

How can I install offline tor package ?

RubenKelevra commented on 2016-11-17 03:42 (UTC)

Please do not mess around with gpg-keyrings of the users with bloody scripting. AUR-Helper should just implement a semiautomatic function for this.