Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Ubuntu 16.04 installation fails // Apt-get requires SHA2 hashes now

fabian
fabian April 18, 2016

Following the instructions (https://www.hipchat.com/downloads#linux-install) leads to a failure on Ubuntu 16.04 (Xenial, to be released on April 21st) when trying to update the repo data. The reasons seems to be an update of apt's security policy which now requires a SHA2 key to consider hashes secure. Currently, the HipChat repo only supports md5 sums and SHA1 hashes.

sudo apt-get update fails with the following message:

E: Failed to fetch https://atlassian.artifactoryonline.com/atlassian/hipchat-apt-client/dists/xenial/Release No Hash entry in Release file /var/lib/apt/lists/partial/atlassian.artifactoryonline.com_atlassian_hipchat-apt-client_dists_xenial_Release which is considered strong enough for security purposes

There are MD5 sums and SHA1 hashes given, SHA2 is missing (Dump of

/var/lib/apt/lists/partial/atlassian.artifactoryonline.com_atlassian_hipchat-apt-client_dists_xenial_Release):

Origin: Artifactory
Label: Artifactory
Suite: xenial
Codename: xenial
Date: Tue, 29 Mar 2016 19:01:35 UTC
Component: main
Architectures: amd64 i386
MD5Sum:
 dd3772098a8667377384e60378c02be7             3170 main/binary-amd64/Packages
 f1f74c92647239e2749f83f5f213bb2b              892 main/binary-amd64/Packages.bz2
 e06cf7ceacbc63f92bbf183481cdc089              709 main/binary-amd64/Packages.gz
 d41d8cd98f00b204e9800998ecf8427e                0 main/binary-i386/Packages
 4059d198768f9f8dc9372dc1c54bc3c3               14 main/binary-i386/Packages.bz2
 3970e82605c7d109bb348fc94e9eecc0               20 main/binary-i386/Packages.gz
SHA1:
 e47c8e208e97cb0720b6414fbd388f07a48f62d9             3170 main/binary-amd64/Packages
 3576add76d8cefde17794f7f25549fad2e037838              892 main/binary-amd64/Packages.bz2
 4f75b0e662b9eff505de8ed428d40c9543048121              709 main/binary-amd64/Packages.gz
 da39a3ee5e6b4b0d3255bfef95601890afd80709                0 main/binary-i386/Packages
 64a543afbb5f4bf728636bdcbbe7a2ed0804adc2               14 main/binary-i386/Packages.bz2
 e03849ea786b9f7b28a35c17949e85a93eb1cff1               20 main/binary-i386/Packages.gz

Best,

Fabian

Answer
Watch
Like # people like this
2059 views

5 answers

1 accepted

0 votes
Answer accepted
fabian
fabian May 20, 2016

SHA256 hashes have been appended on Mon, 16 May 2016 04:21:21 UTC and installation of hipchat4 works now. Thanks!

Reply
1 vote
fabian
fabian April 24, 2016

Hey William, 

thanks for describing the alternative route! Mine is to just use https://web.hipchat.com for the moment.

While it might be a more complicated task to automate builds with included SHA256 hashes, it might be a quick fix to just call sha256sum for all files and manually add this data for the current build. At least the path of installing HipChat with a chance of possibly broken update options seems a better one than not installing HipChat at all.

Best,

Fabian

View More Comments
William Crighton _CCC_
William Crighton _CCC_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 2, 2016

@Fabian Topfstedt

Nice additional information Fabian. I've never tried the sha256sum/adding for current build. Nifty.

-wc

Like
Reply
1 vote
William Crighton _CCC_
William Crighton _CCC_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 22, 2016

Hey Fabian - nice catch. That sha1 deprecation is going to play hell with everyone.

such an awesome error message...

apt-get update
E: Failed to fetch https://atlassian.artifactoryonline.com/atlassian/hipchat-apt-client/dists/xenial/Release  No Hash entry in Release file /var/lib/apt/lists/partial/atlassian.artifactoryonline.com_atlassian_hipchat-apt-client_dists_xenial_Release which is considered strong enough for security purposes

 

Anyway, you can get around this problem with an (unsecure, know WTF you are doing workaround) by just downloading the deb file by hand and installing it using dpkg:

NOTE: before executing any of these command line statements you'll want to be sure your system is updated, has the dependencies installed, and that you know what you are doing.

  • the example shown below downloads the 64bit HipChat 4 client for Ubuntu Xenial - if you need a different client/have a different OS you'll need to find another answer

Steps

  1. download hipchat4 using the repository URL and path shown below
    1. URL and Path: https://atlassian.artifactoryonline.com/atlassian/hipchat-apt-client/pool/HipChat4-4.0.1633-Linux.deb
    2. Command line to download file: wget https://atlassian.artifactoryonline.com/atlassian/hipchat-apt-client/pool/HipChat4-4.0.1633-Linux.deb -O HipChat4-4.0.1633-Linux.deb
  2. NOTE: this information was extracted from running the repository data/policy data using a hybrid Ubuntu desktop that's running some combination of 14.04, 15.04 and 15.10 packages, kernel and stuffs - as I said, you need to know what you are doing prior to messing with packages as the raw learning process can be l o n g and p a i n f u l l.
  3. Once the deb file has been download you can install it with:
    1. dpkg -i HipChat4-4.0.1633-Linux.deb

ah, nevermind, looks like Atlassian has released a new client already

nope, nothing new available. the above works, however. Just make sure you get the right architecture for your desktop (32bit/64bit)

-wc

 

 

Reply
0 votes
Jan Rasche
Jan Rasche April 28, 2017

"Just make sure you get the right architecture for your desktop (32bit/64bit)"

How can I do get a 32bit version? Is there any i386 wersion of the link?

 

Thanks, Jan

Reply
0 votes
John Jones8
John Jones April 22, 2016

Also looking for help on this very issue.

Reply

Suggest an answer

Log in or Sign up to answer
Hipchat
Hipchat
TAGS
AUG Leaders

Atlassian Community Events

    See all events