Importing keys from keyring.debian.org fail
Updating repositories with apt update
fails since the public keys of several signatures are not available.
$ sudo apt update
Get:1 http://security.debian.org/debian-security stretch/updates InRelease [94.3 kB]
Ign:2 http://deb.debian.org/debian stretch InRelease
Hit:3 http://deb.debian.org/debian stretch Release
Ign:4 http://ftp.fr.debian.org/debian stretch InRelease
Ign:6 http://ftp.fr.debian.org/debian jessie InRelease
Hit:7 https://fr.archive.ubuntu.com/ubuntu bionic InRelease
Hit:8 http://ftp.fr.debian.org/debian stretch Release
Get:5 http://ftp.fr.debian.org/debian stretch-updates InRelease [91.0 kB]
Hit:9 https://riot.im/packages/debian stretch InRelease
Hit:10 http://ftp.fr.debian.org/debian jessie Release
Err:1 http://security.debian.org/debian-security stretch/updates InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9D6D8F6BC857C906 NO_PUBKEY 8B48AD6246925553
Get:11 https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease [1,480 B]
Ign:12 http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ InRelease
Hit:13 http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ Release
Err:14 http://deb.debian.org/debian stretch Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
Get:15 https://content.runescape.com/downloads/ubuntu trusty InRelease [2,236 B]
Err:16 http://ftp.fr.debian.org/debian stretch Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
Err:9 https://riot.im/packages/debian stretch InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E019645248E8F4A1
Err:5 http://ftp.fr.debian.org/debian stretch-updates InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010
Err:17 http://ftp.fr.debian.org/debian jessie Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY CBF8D6FD518E17E1
Err:11 https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4B4E7A9523ACD201
Err:18 http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2F7F0DA5FD5B64B9
Err:15 https://content.runescape.com/downloads/ubuntu trusty InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7373B12CE03BEB4B
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://security.debian.org/debian-security stretch/updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9D6D8F6BC857C906 NO_PUBKEY 8B48AD6246925553
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://deb.debian.org/debian stretch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
W: Skipping acquire of configured file 'xenial/binary-amd64/Packages' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/binary-i386/Packages' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/i18n/Translation-en_US' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/i18n/Translation-en' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/dep11/Components-amd64.yml' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/dep11/icons-64x64.tar' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.fr.debian.org/debian stretch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://riot.im/packages/debian stretch InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E019645248E8F4A1
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.fr.debian.org/debian stretch-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.fr.debian.org/debian jessie Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY CBF8D6FD518E17E1
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4B4E7A9523ACD201
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2F7F0DA5FD5B64B9
W: GPG error: https://content.runescape.com/downloads/ubuntu trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7373B12CE03BEB4B
E: The repository 'https://content.runescape.com/downloads/ubuntu trusty InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
I tried to update the keys without keyring.debian.org
$ gpg --recv-keys 9D6D8F6BC857C906
gpg: key 9D6D8F6BC857C906: 12 signatures not checked due to missing keys
gpg: key 9D6D8F6BC857C906: "Debian Security Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
and with
$ gpg --keyserver keyring.debian.org --recv-keys 9D6D8F6BC857C906
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
ca-certificates
is up-to-date with version 20180409
as well as debian-keyring
with version 2018.03.24
.
I have also deleted /etc/apt/trusted.gpg
as per https://serverfault.com/q/851724.
@Stephen Kitt's request:
$ ls -la /etc/apt/trusted.gpg.d
total 28
drwxr-xr-x 2 root root 4096 Jan 2 10:42 .
drwxr-xr-x 6 root root 4096 Jan 2 11:06 ..
-rw-r--r-- 1 root root 10345 Jan 2 10:42 ubuntu-keyring-2012-archive.gpg
-rw-r--r-- 1 root root 2796 Feb 6 2018 ubuntu-keyring-2012-archive.gpg~
-rw-r--r-- 1 root root 2794 Feb 6 2018 ubuntu-keyring-2012-cdimage.gpg
$ apt policy debian-archive-keyring
debian-archive-keyring:
Installed: 2017.7ubuntu1
Candidate: 2017.7ubuntu1
Version table:
*** 2017.7ubuntu1 500
500 https://fr.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
500 https://fr.archive.ubuntu.com/ubuntu bionic/universe i386 Packages
100 /var/lib/dpkg/status
2017.5 500
500 http://ftp.fr.debian.org/debian stretch/main amd64 Packages
500 http://ftp.fr.debian.org/debian stretch/main i386 Packages
500 http://deb.debian.org/debian stretch/main amd64 Packages
500 http://deb.debian.org/debian stretch/main i386 Packages
2017.5~deb8u1 500
500 http://ftp.fr.debian.org/debian jessie/main amd64 Packages
500 http://ftp.fr.debian.org/debian jessie/main i386 Packages
How do I resolve the issue of importing the proper keys?
debian apt gpg
add a comment |
Updating repositories with apt update
fails since the public keys of several signatures are not available.
$ sudo apt update
Get:1 http://security.debian.org/debian-security stretch/updates InRelease [94.3 kB]
Ign:2 http://deb.debian.org/debian stretch InRelease
Hit:3 http://deb.debian.org/debian stretch Release
Ign:4 http://ftp.fr.debian.org/debian stretch InRelease
Ign:6 http://ftp.fr.debian.org/debian jessie InRelease
Hit:7 https://fr.archive.ubuntu.com/ubuntu bionic InRelease
Hit:8 http://ftp.fr.debian.org/debian stretch Release
Get:5 http://ftp.fr.debian.org/debian stretch-updates InRelease [91.0 kB]
Hit:9 https://riot.im/packages/debian stretch InRelease
Hit:10 http://ftp.fr.debian.org/debian jessie Release
Err:1 http://security.debian.org/debian-security stretch/updates InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9D6D8F6BC857C906 NO_PUBKEY 8B48AD6246925553
Get:11 https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease [1,480 B]
Ign:12 http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ InRelease
Hit:13 http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ Release
Err:14 http://deb.debian.org/debian stretch Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
Get:15 https://content.runescape.com/downloads/ubuntu trusty InRelease [2,236 B]
Err:16 http://ftp.fr.debian.org/debian stretch Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
Err:9 https://riot.im/packages/debian stretch InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E019645248E8F4A1
Err:5 http://ftp.fr.debian.org/debian stretch-updates InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010
Err:17 http://ftp.fr.debian.org/debian jessie Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY CBF8D6FD518E17E1
Err:11 https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4B4E7A9523ACD201
Err:18 http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2F7F0DA5FD5B64B9
Err:15 https://content.runescape.com/downloads/ubuntu trusty InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7373B12CE03BEB4B
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://security.debian.org/debian-security stretch/updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9D6D8F6BC857C906 NO_PUBKEY 8B48AD6246925553
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://deb.debian.org/debian stretch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
W: Skipping acquire of configured file 'xenial/binary-amd64/Packages' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/binary-i386/Packages' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/i18n/Translation-en_US' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/i18n/Translation-en' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/dep11/Components-amd64.yml' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/dep11/icons-64x64.tar' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.fr.debian.org/debian stretch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://riot.im/packages/debian stretch InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E019645248E8F4A1
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.fr.debian.org/debian stretch-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.fr.debian.org/debian jessie Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY CBF8D6FD518E17E1
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4B4E7A9523ACD201
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2F7F0DA5FD5B64B9
W: GPG error: https://content.runescape.com/downloads/ubuntu trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7373B12CE03BEB4B
E: The repository 'https://content.runescape.com/downloads/ubuntu trusty InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
I tried to update the keys without keyring.debian.org
$ gpg --recv-keys 9D6D8F6BC857C906
gpg: key 9D6D8F6BC857C906: 12 signatures not checked due to missing keys
gpg: key 9D6D8F6BC857C906: "Debian Security Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
and with
$ gpg --keyserver keyring.debian.org --recv-keys 9D6D8F6BC857C906
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
ca-certificates
is up-to-date with version 20180409
as well as debian-keyring
with version 2018.03.24
.
I have also deleted /etc/apt/trusted.gpg
as per https://serverfault.com/q/851724.
@Stephen Kitt's request:
$ ls -la /etc/apt/trusted.gpg.d
total 28
drwxr-xr-x 2 root root 4096 Jan 2 10:42 .
drwxr-xr-x 6 root root 4096 Jan 2 11:06 ..
-rw-r--r-- 1 root root 10345 Jan 2 10:42 ubuntu-keyring-2012-archive.gpg
-rw-r--r-- 1 root root 2796 Feb 6 2018 ubuntu-keyring-2012-archive.gpg~
-rw-r--r-- 1 root root 2794 Feb 6 2018 ubuntu-keyring-2012-cdimage.gpg
$ apt policy debian-archive-keyring
debian-archive-keyring:
Installed: 2017.7ubuntu1
Candidate: 2017.7ubuntu1
Version table:
*** 2017.7ubuntu1 500
500 https://fr.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
500 https://fr.archive.ubuntu.com/ubuntu bionic/universe i386 Packages
100 /var/lib/dpkg/status
2017.5 500
500 http://ftp.fr.debian.org/debian stretch/main amd64 Packages
500 http://ftp.fr.debian.org/debian stretch/main i386 Packages
500 http://deb.debian.org/debian stretch/main amd64 Packages
500 http://deb.debian.org/debian stretch/main i386 Packages
2017.5~deb8u1 500
500 http://ftp.fr.debian.org/debian jessie/main amd64 Packages
500 http://ftp.fr.debian.org/debian jessie/main i386 Packages
How do I resolve the issue of importing the proper keys?
debian apt gpg
Could you edit your question to show the output ofls -l /etc/apt/trusted.gpg.d
, andapt policy debian-archive-keyring
?
– Stephen Kitt
4 hours ago
I have included the output @StephenKitt.
– Pradana Aumars
4 hours ago
add a comment |
Updating repositories with apt update
fails since the public keys of several signatures are not available.
$ sudo apt update
Get:1 http://security.debian.org/debian-security stretch/updates InRelease [94.3 kB]
Ign:2 http://deb.debian.org/debian stretch InRelease
Hit:3 http://deb.debian.org/debian stretch Release
Ign:4 http://ftp.fr.debian.org/debian stretch InRelease
Ign:6 http://ftp.fr.debian.org/debian jessie InRelease
Hit:7 https://fr.archive.ubuntu.com/ubuntu bionic InRelease
Hit:8 http://ftp.fr.debian.org/debian stretch Release
Get:5 http://ftp.fr.debian.org/debian stretch-updates InRelease [91.0 kB]
Hit:9 https://riot.im/packages/debian stretch InRelease
Hit:10 http://ftp.fr.debian.org/debian jessie Release
Err:1 http://security.debian.org/debian-security stretch/updates InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9D6D8F6BC857C906 NO_PUBKEY 8B48AD6246925553
Get:11 https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease [1,480 B]
Ign:12 http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ InRelease
Hit:13 http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ Release
Err:14 http://deb.debian.org/debian stretch Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
Get:15 https://content.runescape.com/downloads/ubuntu trusty InRelease [2,236 B]
Err:16 http://ftp.fr.debian.org/debian stretch Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
Err:9 https://riot.im/packages/debian stretch InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E019645248E8F4A1
Err:5 http://ftp.fr.debian.org/debian stretch-updates InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010
Err:17 http://ftp.fr.debian.org/debian jessie Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY CBF8D6FD518E17E1
Err:11 https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4B4E7A9523ACD201
Err:18 http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2F7F0DA5FD5B64B9
Err:15 https://content.runescape.com/downloads/ubuntu trusty InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7373B12CE03BEB4B
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://security.debian.org/debian-security stretch/updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9D6D8F6BC857C906 NO_PUBKEY 8B48AD6246925553
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://deb.debian.org/debian stretch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
W: Skipping acquire of configured file 'xenial/binary-amd64/Packages' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/binary-i386/Packages' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/i18n/Translation-en_US' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/i18n/Translation-en' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/dep11/Components-amd64.yml' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/dep11/icons-64x64.tar' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.fr.debian.org/debian stretch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://riot.im/packages/debian stretch InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E019645248E8F4A1
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.fr.debian.org/debian stretch-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.fr.debian.org/debian jessie Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY CBF8D6FD518E17E1
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4B4E7A9523ACD201
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2F7F0DA5FD5B64B9
W: GPG error: https://content.runescape.com/downloads/ubuntu trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7373B12CE03BEB4B
E: The repository 'https://content.runescape.com/downloads/ubuntu trusty InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
I tried to update the keys without keyring.debian.org
$ gpg --recv-keys 9D6D8F6BC857C906
gpg: key 9D6D8F6BC857C906: 12 signatures not checked due to missing keys
gpg: key 9D6D8F6BC857C906: "Debian Security Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
and with
$ gpg --keyserver keyring.debian.org --recv-keys 9D6D8F6BC857C906
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
ca-certificates
is up-to-date with version 20180409
as well as debian-keyring
with version 2018.03.24
.
I have also deleted /etc/apt/trusted.gpg
as per https://serverfault.com/q/851724.
@Stephen Kitt's request:
$ ls -la /etc/apt/trusted.gpg.d
total 28
drwxr-xr-x 2 root root 4096 Jan 2 10:42 .
drwxr-xr-x 6 root root 4096 Jan 2 11:06 ..
-rw-r--r-- 1 root root 10345 Jan 2 10:42 ubuntu-keyring-2012-archive.gpg
-rw-r--r-- 1 root root 2796 Feb 6 2018 ubuntu-keyring-2012-archive.gpg~
-rw-r--r-- 1 root root 2794 Feb 6 2018 ubuntu-keyring-2012-cdimage.gpg
$ apt policy debian-archive-keyring
debian-archive-keyring:
Installed: 2017.7ubuntu1
Candidate: 2017.7ubuntu1
Version table:
*** 2017.7ubuntu1 500
500 https://fr.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
500 https://fr.archive.ubuntu.com/ubuntu bionic/universe i386 Packages
100 /var/lib/dpkg/status
2017.5 500
500 http://ftp.fr.debian.org/debian stretch/main amd64 Packages
500 http://ftp.fr.debian.org/debian stretch/main i386 Packages
500 http://deb.debian.org/debian stretch/main amd64 Packages
500 http://deb.debian.org/debian stretch/main i386 Packages
2017.5~deb8u1 500
500 http://ftp.fr.debian.org/debian jessie/main amd64 Packages
500 http://ftp.fr.debian.org/debian jessie/main i386 Packages
How do I resolve the issue of importing the proper keys?
debian apt gpg
Updating repositories with apt update
fails since the public keys of several signatures are not available.
$ sudo apt update
Get:1 http://security.debian.org/debian-security stretch/updates InRelease [94.3 kB]
Ign:2 http://deb.debian.org/debian stretch InRelease
Hit:3 http://deb.debian.org/debian stretch Release
Ign:4 http://ftp.fr.debian.org/debian stretch InRelease
Ign:6 http://ftp.fr.debian.org/debian jessie InRelease
Hit:7 https://fr.archive.ubuntu.com/ubuntu bionic InRelease
Hit:8 http://ftp.fr.debian.org/debian stretch Release
Get:5 http://ftp.fr.debian.org/debian stretch-updates InRelease [91.0 kB]
Hit:9 https://riot.im/packages/debian stretch InRelease
Hit:10 http://ftp.fr.debian.org/debian jessie Release
Err:1 http://security.debian.org/debian-security stretch/updates InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9D6D8F6BC857C906 NO_PUBKEY 8B48AD6246925553
Get:11 https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease [1,480 B]
Ign:12 http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ InRelease
Hit:13 http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ Release
Err:14 http://deb.debian.org/debian stretch Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
Get:15 https://content.runescape.com/downloads/ubuntu trusty InRelease [2,236 B]
Err:16 http://ftp.fr.debian.org/debian stretch Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
Err:9 https://riot.im/packages/debian stretch InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E019645248E8F4A1
Err:5 http://ftp.fr.debian.org/debian stretch-updates InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010
Err:17 http://ftp.fr.debian.org/debian jessie Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY CBF8D6FD518E17E1
Err:11 https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4B4E7A9523ACD201
Err:18 http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2F7F0DA5FD5B64B9
Err:15 https://content.runescape.com/downloads/ubuntu trusty InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7373B12CE03BEB4B
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://security.debian.org/debian-security stretch/updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9D6D8F6BC857C906 NO_PUBKEY 8B48AD6246925553
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://deb.debian.org/debian stretch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
W: Skipping acquire of configured file 'xenial/binary-amd64/Packages' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/binary-i386/Packages' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/i18n/Translation-en_US' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/i18n/Translation-en' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/dep11/Components-amd64.yml' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'xenial/dep11/icons-64x64.tar' as repository 'https://fr.archive.ubuntu.com/ubuntu bionic InRelease' doesn't have the component 'xenial' (component misspelt in sources.list?)
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.fr.debian.org/debian stretch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY EF0F382A1A7B6500
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://riot.im/packages/debian stretch InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E019645248E8F4A1
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.fr.debian.org/debian stretch-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.fr.debian.org/debian jessie Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 NO_PUBKEY CBF8D6FD518E17E1
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://mega.nz/linux/MEGAsync/Debian_9.0 ./ InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4B4E7A9523ACD201
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.opensuse.org/repositories/home:/strycore/Debian_9.0 ./ Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2F7F0DA5FD5B64B9
W: GPG error: https://content.runescape.com/downloads/ubuntu trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7373B12CE03BEB4B
E: The repository 'https://content.runescape.com/downloads/ubuntu trusty InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
I tried to update the keys without keyring.debian.org
$ gpg --recv-keys 9D6D8F6BC857C906
gpg: key 9D6D8F6BC857C906: 12 signatures not checked due to missing keys
gpg: key 9D6D8F6BC857C906: "Debian Security Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
and with
$ gpg --keyserver keyring.debian.org --recv-keys 9D6D8F6BC857C906
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
ca-certificates
is up-to-date with version 20180409
as well as debian-keyring
with version 2018.03.24
.
I have also deleted /etc/apt/trusted.gpg
as per https://serverfault.com/q/851724.
@Stephen Kitt's request:
$ ls -la /etc/apt/trusted.gpg.d
total 28
drwxr-xr-x 2 root root 4096 Jan 2 10:42 .
drwxr-xr-x 6 root root 4096 Jan 2 11:06 ..
-rw-r--r-- 1 root root 10345 Jan 2 10:42 ubuntu-keyring-2012-archive.gpg
-rw-r--r-- 1 root root 2796 Feb 6 2018 ubuntu-keyring-2012-archive.gpg~
-rw-r--r-- 1 root root 2794 Feb 6 2018 ubuntu-keyring-2012-cdimage.gpg
$ apt policy debian-archive-keyring
debian-archive-keyring:
Installed: 2017.7ubuntu1
Candidate: 2017.7ubuntu1
Version table:
*** 2017.7ubuntu1 500
500 https://fr.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
500 https://fr.archive.ubuntu.com/ubuntu bionic/universe i386 Packages
100 /var/lib/dpkg/status
2017.5 500
500 http://ftp.fr.debian.org/debian stretch/main amd64 Packages
500 http://ftp.fr.debian.org/debian stretch/main i386 Packages
500 http://deb.debian.org/debian stretch/main amd64 Packages
500 http://deb.debian.org/debian stretch/main i386 Packages
2017.5~deb8u1 500
500 http://ftp.fr.debian.org/debian jessie/main amd64 Packages
500 http://ftp.fr.debian.org/debian jessie/main i386 Packages
How do I resolve the issue of importing the proper keys?
debian apt gpg
debian apt gpg
edited 1 hour ago
Jeff Schaller
38.8k1053125
38.8k1053125
asked 4 hours ago
Pradana Aumars
16010
16010
Could you edit your question to show the output ofls -l /etc/apt/trusted.gpg.d
, andapt policy debian-archive-keyring
?
– Stephen Kitt
4 hours ago
I have included the output @StephenKitt.
– Pradana Aumars
4 hours ago
add a comment |
Could you edit your question to show the output ofls -l /etc/apt/trusted.gpg.d
, andapt policy debian-archive-keyring
?
– Stephen Kitt
4 hours ago
I have included the output @StephenKitt.
– Pradana Aumars
4 hours ago
Could you edit your question to show the output of
ls -l /etc/apt/trusted.gpg.d
, and apt policy debian-archive-keyring
?– Stephen Kitt
4 hours ago
Could you edit your question to show the output of
ls -l /etc/apt/trusted.gpg.d
, and apt policy debian-archive-keyring
?– Stephen Kitt
4 hours ago
I have included the output @StephenKitt.
– Pradana Aumars
4 hours ago
I have included the output @StephenKitt.
– Pradana Aumars
4 hours ago
add a comment |
1 Answer
1
active
oldest
votes
You need to install Debian’s version of debian-archive-keyring
, the package containing the archive keys. You currently have Ubuntu’s. (debian-keyring
contains the developers’ keys.)
You’ll probably have to download it manually and install it using dpkg -i
(as root, or using sudo
).
As a longer-term fix, you should either drop Bionic from your repositories, or configure pinning correctly so that it isn’t used as an upgrade candidate by default.
Should I delete Ubuntu's keyring? Or maybe reinstall them after updating the repositories?
– Pradana Aumars
4 hours ago
Installing the Debian keyring package will remove the Ubuntu keyring; you can re-install it by installing theubuntu-archive-keyring
package instead.
– Stephen Kitt
3 hours ago
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f492013%2fimporting-keys-from-keyring-debian-org-fail%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You need to install Debian’s version of debian-archive-keyring
, the package containing the archive keys. You currently have Ubuntu’s. (debian-keyring
contains the developers’ keys.)
You’ll probably have to download it manually and install it using dpkg -i
(as root, or using sudo
).
As a longer-term fix, you should either drop Bionic from your repositories, or configure pinning correctly so that it isn’t used as an upgrade candidate by default.
Should I delete Ubuntu's keyring? Or maybe reinstall them after updating the repositories?
– Pradana Aumars
4 hours ago
Installing the Debian keyring package will remove the Ubuntu keyring; you can re-install it by installing theubuntu-archive-keyring
package instead.
– Stephen Kitt
3 hours ago
add a comment |
You need to install Debian’s version of debian-archive-keyring
, the package containing the archive keys. You currently have Ubuntu’s. (debian-keyring
contains the developers’ keys.)
You’ll probably have to download it manually and install it using dpkg -i
(as root, or using sudo
).
As a longer-term fix, you should either drop Bionic from your repositories, or configure pinning correctly so that it isn’t used as an upgrade candidate by default.
Should I delete Ubuntu's keyring? Or maybe reinstall them after updating the repositories?
– Pradana Aumars
4 hours ago
Installing the Debian keyring package will remove the Ubuntu keyring; you can re-install it by installing theubuntu-archive-keyring
package instead.
– Stephen Kitt
3 hours ago
add a comment |
You need to install Debian’s version of debian-archive-keyring
, the package containing the archive keys. You currently have Ubuntu’s. (debian-keyring
contains the developers’ keys.)
You’ll probably have to download it manually and install it using dpkg -i
(as root, or using sudo
).
As a longer-term fix, you should either drop Bionic from your repositories, or configure pinning correctly so that it isn’t used as an upgrade candidate by default.
You need to install Debian’s version of debian-archive-keyring
, the package containing the archive keys. You currently have Ubuntu’s. (debian-keyring
contains the developers’ keys.)
You’ll probably have to download it manually and install it using dpkg -i
(as root, or using sudo
).
As a longer-term fix, you should either drop Bionic from your repositories, or configure pinning correctly so that it isn’t used as an upgrade candidate by default.
answered 4 hours ago
Stephen Kitt
164k24365444
164k24365444
Should I delete Ubuntu's keyring? Or maybe reinstall them after updating the repositories?
– Pradana Aumars
4 hours ago
Installing the Debian keyring package will remove the Ubuntu keyring; you can re-install it by installing theubuntu-archive-keyring
package instead.
– Stephen Kitt
3 hours ago
add a comment |
Should I delete Ubuntu's keyring? Or maybe reinstall them after updating the repositories?
– Pradana Aumars
4 hours ago
Installing the Debian keyring package will remove the Ubuntu keyring; you can re-install it by installing theubuntu-archive-keyring
package instead.
– Stephen Kitt
3 hours ago
Should I delete Ubuntu's keyring? Or maybe reinstall them after updating the repositories?
– Pradana Aumars
4 hours ago
Should I delete Ubuntu's keyring? Or maybe reinstall them after updating the repositories?
– Pradana Aumars
4 hours ago
Installing the Debian keyring package will remove the Ubuntu keyring; you can re-install it by installing the
ubuntu-archive-keyring
package instead.– Stephen Kitt
3 hours ago
Installing the Debian keyring package will remove the Ubuntu keyring; you can re-install it by installing the
ubuntu-archive-keyring
package instead.– Stephen Kitt
3 hours ago
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f492013%2fimporting-keys-from-keyring-debian-org-fail%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Could you edit your question to show the output of
ls -l /etc/apt/trusted.gpg.d
, andapt policy debian-archive-keyring
?– Stephen Kitt
4 hours ago
I have included the output @StephenKitt.
– Pradana Aumars
4 hours ago