Is Ubuntu vulnerable to fake keys?

Maybe I’m missing something, but what prevents someone from using a key they have made and uploaded to the ubuntu keyserver to serve a corrupted ISO?

I just created a fake ubuntu signing key, uploaded it to the ubuntu key server, created a fake SHA256SUM.gpg, and was able to download my fake key from the server, and it looks legit.

Nothing! This is why I don’t fetch random keys from a keyserver; I use the archive keyring shipped with Ubuntu (apt install ubuntu-keyring):

gpgv --keyring=/usr/share/keyrings/ubuntu-archive-keyring.gpg SHA256SUMS.gpg SHA256SUMS

This, of course, assumes that you already have an Ubuntu system that contains this keyring.

If you don’t, fetching the key from the keyserver should be safe, if you check the fingerprint against a source you trust. Ideally those would be published on an HTTPS-authenticated page somewhere on the Ubuntu website, but if they are, I couldn’t find it.

The tutorial instructions are, IMHO, insecure.

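A worked version of the two approaches in the reply above, added here as an example and not code from either poster: verify SHA256SUMS.gpg with gpgv against the keyring shipped by ubuntu-keyring, or, on a machine without it, fetch the key by its full fingerprint and refuse to build a keyring from it unless the fingerprint matches one copied from a trusted HTTPS page. It goes one step beyond the thread by also checking the ISO's own digest against the verified SHA256SUMS. It assumes gpg, gpgv and sha256sum are installed; the fingerprint, keyring path and file layout below are placeholders and assumptions, not values from the thread.

```shell
#!/bin/sh
# Added example (not code from the original posts).
# Pin the Ubuntu signing key by fingerprint, build a single-key keyring from it,
# and verify an ISO with gpgv against a keyring you control, never against
# whatever key a keyserver returns for a name or short key ID.
# Assumptions: gpg, gpgv and sha256sum are installed; EXPECTED_FPR must be
# replaced with the fingerprint copied from the Ubuntu Security Team FAQ page.
set -u

EXPECTED_FPR="0000000000000000000000000000000000000000"   # placeholder, replace
PINNED_KEYRING="${PINNED_KEYRING:-$HOME/.ubuntu-iso-signing.gpg}"   # assumed path
SHIPPED_KEYRING="/usr/share/keyrings/ubuntu-archive-keyring.gpg"

# Print the primary-key fingerprint from 'gpg --with-colons --fingerprint' output on stdin.
fpr_from_colons() {
    awk -F: '$1 == "fpr" { print $10; exit }'
}

# Succeed only if the primary fingerprint on stdin equals $1: full 40 hex digits,
# compared case-insensitively. Short key IDs are rejected on purpose.
fingerprint_matches() {
    expected=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    actual=$(fpr_from_colons | tr 'a-f' 'A-F')
    [ ${#expected} -eq 40 ] && [ "$actual" = "$expected" ]
}

# Print the digest listed for file $2 in SHA256SUMS file $1 ("*name" or "name" form).
digest_for() {
    awk -v f="$2" '$2 == "*" f || $2 == f { print $1; exit }' "$1"
}

# Fetch the key by full fingerprint into a throwaway homedir, re-check the
# fingerprint of what actually arrived, then export it as a one-key keyring.
build_pinned_keyring() {
    tmp=$(mktemp -d) || return 1
    chmod 700 "$tmp"
    gpg --homedir "$tmp" --batch --quiet \
        --keyserver hkps://keyserver.ubuntu.com --recv-keys "$EXPECTED_FPR" \
        || { rm -rf "$tmp"; return 1; }
    if gpg --homedir "$tmp" --batch --with-colons --fingerprint "$EXPECTED_FPR" \
         | fingerprint_matches "$EXPECTED_FPR"; then
        gpg --homedir "$tmp" --batch --export "$EXPECTED_FPR" > "$PINNED_KEYRING"
        rc=$?
    else
        echo "fingerprint mismatch: refusing to trust the fetched key" >&2
        rc=1
    fi
    rm -rf "$tmp"
    return $rc
}

# Verify SHA256SUMS with gpgv against keyring $1, then check the digest of ISO $3
# found in directory $2 (which holds SHA256SUMS, SHA256SUMS.gpg and the ISO).
verify_iso() {
    keyring=$1; dir=$2; iso=$3
    ( cd "$dir" || exit 1
      gpgv --keyring "$keyring" SHA256SUMS.gpg SHA256SUMS || exit 1
      want=$(digest_for SHA256SUMS "$iso")
      [ -n "$want" ] || { echo "$iso is not listed in SHA256SUMS" >&2; exit 1; }
      have=$(sha256sum "$iso" | awk '{ print $1 }')
      [ "$have" = "$want" ] )
}

# Usage:  sh verify.sh DIR ISO          (keyring shipped by ubuntu-keyring)
#         sh verify.sh --pin DIR ISO    (fetch, pin by fingerprint, then verify)
if [ "$#" -ge 2 ]; then
    if [ "$1" = "--pin" ]; then
        shift
        build_pinned_keyring && verify_iso "$PINNED_KEYRING" "$1" "$2"
    else
        verify_iso "$SHIPPED_KEYRING" "$1" "$2"
    fi
fi
```

The important property is that the keyserver is only ever asked for a full fingerprint, and the key that comes back is checked again before it is written to the keyring, so an attacker-uploaded key with the same user ID (the scenario in the first post) never becomes trusted.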

Hi, thanks for the discussion.

We do publish the archive keys and other important GPG keys used in Ubuntu at https://wiki.ubuntu.com/SecurityTeam/FAQ#GPG_Keys_used_by_Ubuntu; that page is accessible via HTTPS and there are ACLs on that page that only permit editing by the Ubuntu Security Team.

That said, it’s not nearly discoverable enough and should be split into its own page, and would also warrant links to https://keyserver.ubuntu.com so that the keys can be downloaded directly.
