curl -L get.rvm.io | bash -s stable fails on cent OS (on HOSTGATOR)

November 2, 2014 25.3k views

Hi,

I need to install ruby, rails and postgresql on CENT OS hosted on hostgator.
When I run "curl -L get.rvm.io | bash -s stable" I get the following error.
I have done it before.

Please help. And thanks in advance for all the help.

Thanks
Soundararajan

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 22575 100 22575 0 0 56872 0 --:--:-- --:--:-- --:--:-- 290k
Downloading https://github.com/wayneeseguin/rvm/archive/1.26.0.tar.gz
Downloading https://github.com/wayneeseguin/rvm/releases/download/1.26.0/1.26.0.tar.gz.asc
gpg: Signature made Wed 29 Oct 2014 07:52:06 AM CDT using RSA key ID BF04FF17
gpg: Can't check signature: No public key
Warning, RVM 1.26.0 introduces signed releases and automated check of signatures when GPG software found.
Assuming you trust Michal Papis import the mpapis public key (downloading the signatures).

GPG signature verification failed for '/usr/local/rvm/archives/rvm-1.26.0.tgz' - 'https://github.com/wayneeseguin/rvm/releases/download/1.26.0/1.26.0.tar.gz.asc'!
try downloading the signatures:

gpg2 --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3

they can be compared with:

https://rvm.io/mpapis.asc
https://keybase.io/mpapis

Downloading https://bitbucket.org/mpapis/rvm/get/1.26.0.tar.gz
Downloading https://github.com/wayneeseguin/rvm/releases/download/1.26.0/1.26.0.tar.gz.asc
gpg: Signature made Wed 29 Oct 2014 07:52:06 AM CDT using RSA key ID BF04FF17
gpg: Can't check signature: No public key
Warning, RVM 1.26.0 introduces signed releases and automated check of signatures when GPG software found.
Assuming you trust Michal Papis import the mpapis public key (downloading the signatures).

GPG signature verification failed for '/usr/local/rvm/archives/rvm-1.26.0.tgz' - 'https://github.com/wayneeseguin/rvm/releases/download/1.26.0/1.26.0.tar.gz.asc'!
try downloading the signatures:

gpg2 --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3

they can be compared with:

https://rvm.io/mpapis.asc
https://keybase.io/mpapis
4 comments
3 Answers

It is a security feature introduced in the latest version of RVM
https://github.com/wayneeseguin/rvm/releases/tag/1.26.0

You just need to follow the instruction to import the key:

$ gpg2 --keyserver hkp://keys.gnupg.net --recv-keys D39DC0E3
edited by asb

I hope this can help you
https://github.com/rvm/rvm/issues/3108

I fix it after follow the steps below.

$ gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3
gpg: requesting key D39DC0E3 from hkp server keys.gnupg.net
gpg: key D39DC0E3: public key "Michal Papis (RVM signing) mpapis@gmail.com" imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: next trustdb check due at 2017-01-12
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)

$ gpg --list-key D39DC0E3
pub 4096R/D39DC0E3 2014-10-28
uid Michal Papis (RVM signing) mpapis@gmail.com
sub 4096R/BF04FF17 2014-10-28 [expires: 2016-01-05]

$ gpg --edit-key D39DC0E3
gpg (GnuPG) 1.4.19; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

pub 4096R/D39DC0E3 created: 2014-10-28 expires: never usage: SC
trust: unknown validity: unknown
sub 4096R/BF04FF17 created: 2014-10-28 expires: 2016-01-05 usage: S
[ unknown] (1). Michal Papis (RVM signing) mpapis@gmail.com

gpg> key 1

pub 4096R/D39DC0E3 created: 2014-10-28 expires: never usage: SC
trust: unknown validity: unknown
sub* 4096R/BF04FF17 created: 2014-10-28 expires: 2016-01-05 usage: S
[ unknown] (1). Michal Papis (RVM signing) mpapis@gmail.com

gpg> trust
pub 4096R/D39DC0E3 created: 2014-10-28 expires: never usage: SC
trust: unknown validity: unknown
sub* 4096R/BF04FF17 created: 2014-10-28 expires: 2016-01-05 usage: S
[ unknown] (1). Michal Papis (RVM signing) mpapis@gmail.com

Please decide how far you trust this user to correctly verify other users' keys
(by looking at passports, checking fingerprints from different sources, etc.)

1 = I don't know or won't say
2 = I do NOT trust
3 = I trust marginally
4 = I trust fully
5 = I trust ultimately
m = back to the main menu

Your decision? 4

pub 4096R/D39DC0E3 created: 2014-10-28 expires: never usage: SC
trust: full validity: unknown
sub* 4096R/BF04FF17 created: 2014-10-28 expires: 2016-01-05 usage: S
[ full] (1). Michal Papis (RVM signing) mpapis@gmail.com

gpg> quit

---------------------------------TRY THIS BROTHER------------------------------

first install gpgv2
sudo apt-get install gpgv2

secondly
curl -sSL https://rvm.io/mpapis.asc | gpg --import

Have another answer? Share your knowledge.