I ran this command to update packages in my ubuntu VM.
sudo apt-get update
It gave me the below error at the end.
Err:5 https://apt.releases.hashicorp.com bionic InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY XXXXXXXXXXXXXXXX
Fetched 12.0 kB in 1s (10.4 kB/s)
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://apt.releases.hashicorp.com bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY XXXXXXXXXXXXXXXX
W: Failed to fetch https://apt.releases.hashicorp.com/dists/bionic/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY XXXXXXXXXXXXXXXX
W: Some index files failed to download. They have been ignored, or old ones used instead.
What does this mean and how can I fix it?
This means that the gpg key for this HashiCorp repository is not available in the apt-key database.
As the fix, it can be re-added with the below commands.
# GPG is required for the package signing key
sudo apt install gpg
# Download the signing key to a new keyring
wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg
# Verify the key's fingerprint
gpg --no-default-keyring --keyring /usr/share/keyrings/hashicorp-archive-keyring.gpg --fingerprint
# The fingerprint must match 798A EC65 4E5C 1542 8C8E 42EE AA16 FCBC A621 E701, which can also be verified at https://www.hashicorp.com/security under "Linux Package Checksum Verification".
# Add the HashiCorp repo
echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
# apt update successfully
sudo apt update
Note that these commands were taken from Hashicorp's Official Packaging Guide.
Related
I was installing Wine on linux and up on following the guide instructions on this article, install wine, I came across these errors :-
W: GPG error: https://dl.winehq.org/wine-builds/ubuntu xenial
InRelease: The following signatures couldn't be verified because the
public key is not available: NO_PUBKEY 76F1A20FF987672F
E: The repository 'https://dl.winehq.org/wine-builds/ubuntu xenial
InRelease' is not signed.
I looked for solutions but I could not find one. I decided to create a post and my solution to this problem.
Find the solution in the answers.
The solution is easy.
Add the required public key using the below command line:-
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 76F1A20FF987672F
Now you can run:-
sudo apt update && sudo apt upgrade -y
And you are sorted
I started a NVIDIA VM on AZURE and trying to do update using
sudo apt update
but gives error:
Hit:2 http://azure.archive.ubuntu.com/ubuntu focal InRelease
Hit:3 http://azure.archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:4 http://azure.archive.ubuntu.com/ubuntu focal-backports InRelease
Hit:5 https://packages.microsoft.com/repos/azure-cli focal InRelease
Hit:6 http://security.ubuntu.com/ubuntu focal-security InRelease
Err:1 http://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64 InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A4B469963BF863CC
Reading package lists... Done
W: GPG error: http://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64 InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A4B469963BF863CC
E: The repository 'http://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64 InRelease' is no longer signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
to install the keys i used
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv A4B469963BF863CC
but that gives No data error. gpg: keyserver receive failed: No data
I can run sudo apt-get upgrade but not the update.
Any help would be appreciated
Even though there is cuda installed but it still doesnt find cuda libraries, and that could be due to update.
the following worked for me
apt-key del 7fa2af80
rm /etc/apt/sources.list.d/cuda.list
rm /etc/apt/sources.list.d/nvidia-ml.list
wget https://developer.download.nvidia.com/compute/cuda/repos/ubuntu1804/x86_64/cuda-keyring_1.0-1_all.deb
dpkg -i cuda-keyring_1.0-1_all.deb
I ran those commands in docker container, so in VM you might need to add sudo.
The error is due to Cuda repo key rotation.
The solution posted on Nvidia forms didn't work for me https://forums.developer.nvidia.com/t/notice-cuda-linux-repository-key-rotation/212771
The following worked:
apt-key del 7fa2af80
wget https://developer.download.nvidia.com/compute/cuda/repos/$distro/$arch/cuda-keyring_1.0-1_all.deb
dpkg -i cuda-keyring_1.0-1_all.deb
Replace $distro/$arch in the following commands;ex:
debian10/x86_64
debian11/x86_64
ubuntu1604/x86_64
ubuntu1804/cross-linux-sbsa
ubuntu1804/ppc64el
ubuntu1804/sbsa
ubuntu1804/x86_64
ubuntu2004/cross-linux-sbsa
ubuntu2004/sbsa
ubuntu2004/x86_64
ubuntu2204/sbsa
ubuntu2204/x86_64
wsl-ubuntu/x86_64
and then
apt-get update
if you have an error as the following after the apt-get update
root#9c8cceaf7843:/# apt-get update
E: Conflicting values set for option Signed-By regarding source https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64/ /: /usr/share/keyrings/cuda-archive-keyring.gpg !=
E: The list of sources could not be read.
run the following
sed -i '/developer\.download\.nvidia\.com\/compute\/cuda\/repos/d' /etc/apt/sources.list.d/*
sed -i '/developer\.download\.nvidia\.com\/compute\/machine-learning\/repos/d' /etc/apt/sources.list.d/*
apt-get update
this should solve the issue
Method 2 (Not recommended)
Alternatively, you can manually install the keys (change $distro/$arch)
apt-key adv --fetch-keys https://developer.download.nvidia.com/compute/cuda/repos/$distro/$arch/3bf863cc.pub
To Check your distro and architecture
Disto
uname -v
or
lsb_release -a
Architecture:
uname -i
Reference:
https://forums.developer.nvidia.com/t/notice-cuda-linux-repository-key-rotation/212771
https://github.com/NVIDIA/cuda-repo-management/issues/4
https://forums.developer.nvidia.com/t/updating-the-cuda-linux-gpg-repository-key/212897/8
As others mentioned this issue is due to Cuda repo key rotation.
apt-key approach mentioned above didn't work for me.
I looked more about details on the nvidia forum and came across another method from user (olyuninv) where you have to copy the below command in Dockerfile before apt-get update as follows:
COPY ./cuda-keyring_1.0-1_all.deb cuda-keyring_1.0-1_all.deb
RUN rm /etc/apt/sources.list.d/cuda.list
&& rm /etc/apt/sources.list.d/nvidia-ml.list
&& dpkg -i cuda-keyring_1.0-1_all.deb
RUN apt-get update
Don't forget to download keys first according to your OS version from here.
You have to basically use below command:
wget https://developer.download.nvidia.com/compute/cuda/repos/$distro/$arch/cuda-keyring_1.0-1_all.deb
(But have to replace $distro/$arch with your OS version, more details in the link)
If interested, more details might be available here on this nvidia cuda gitlab ticket.
References:
1: https://forums.developer.nvidia.com/t/invalid-public-key-for-cuda-apt-repository/212901/7
2: https://developer.nvidia.com/blog/updating-the-cuda-linux-gpg-repository-key/
3: https://gitlab.com/nvidia/container-images/cuda/-/issues/158
I found the solution. This error was occuring due to NVidia GPG key rotation occurred today. All the details are provdhttps://developer.nvidia.com/blog/updating-the-cuda-linux-gpg-repository-key/
Whenever I'm trying to sudo apt-get update I'm getting these errors:
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://packages.linuxmint.com rafaela Release: The following signatures were invalid: BADSIG 3EE67F3D0FF405B2 Clement Lefebvre (Linux Mint Package Repository v1) <root#linuxmint.com>
W: GPG error: http://extra.linuxmint.com rafaela Release: The following signatures were invalid: BADSIG 3EE67F3D0FF405B2 Clement Lefebvre (Linux Mint Package Repository v1) <root#linuxmint.com>
W: Failed to fetch http://packages.linuxmint.com/dists/rafaela/Release
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty/Release Unable to find expected entry 'restricted/binary-amd64/Packages' in Release file (Wrong sources.list entry or malformed file)
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty/main/binary-amd64/Packages Hash Sum mismatch
W: Some index files failed to download. They have been ignored, or old ones used instead.
So, I did some reading and tried changing mirrors in the sofetware-sources area, and also followed this answer, and ran this command:
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 3EE67F3D0FF405B2
but got this result which didn't help me:
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.joWxQNcMmd --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --recv-keys --keyserver keyserver.ubuntu.com 3EE67F3D0FF405B2
gpg: requesting key 0FF405B2 from hkp server keyserver.ubuntu.com
gpg: key 0FF405B2: "Clement Lefebvre (Linux Mint Package Repository v1) <root#linuxmint.com>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
Any idea what else I can try in order to solve it?
p.s It all started when trying to install nodejs and npm.
This worked for me on Linux Mint 17 Qiana:
sudo rm -r /var/lib/apt/lists
sudo mkdir -p /var/lib/apt/lists/partial
sudo apt-get clean
sudo apt-get update
sudo apt-key list | grep expired
Get the key to use from that result:
pub 4096R/BE1DB1F1 2011-03-29 [expired: 2014-03-28]
sudo apt-key adv --recv-keys --keyserver keys.gnupg.net BE1DB1F1
sudo apt-get update
Solution partially from this post.
To fix the BADSIG error
It should be packages.linuxmint.com not extra.linuxmint.com.
Find which package list files contain the offending host:
grep -R extra.linuxmint.com /etc/apt/sources.list.d
Change any lines which match.
FYI, my one line was in /etc/apt/sources.list.d/official-package-repositories.list and now reads:
deb http://extra.linuxmint.com rafaela main
If you still have Hash Sum mismatch errors, then follow social's steps.
I am getting following error while update my source lists
$ sudo apt-get update
Reading package lists... Done
W: GPG error: http://archive.debian.org lenny/updates Release: The following signatures were invalid: KEYEXPIRED 1356982504
W: You may want to run apt-get update to correct these problems
How to resolve this issue?
To find any expired repository keys and their IDs, use apt-key as follows:
apt-key list | grep expired
You will get a result similar to the following:
pub 4096R/BE1DB1F1 2011-03-29 [expired: 2014-03-28]
The key ID is the bit after the / i.e. BE1DB1F1 in this case.
To update the key, run
sudo apt-key adv --recv-keys --keyserver keys.gnupg.net BE1DB1F1
I had the same issue and I just change the system date
date --set 2008-01-01
then try to update
apt-get update
At the end any of this answers solve my issue.
What I did is recheck for the latest available sources. In my case
###### Debian Main Repos
deb http://ftp.au.debian.org/debian/ wheezy main contrib non-free
deb-src http://ftp.au.debian.org/debian/ wheezy main contrib non-free
###### Debian Update Repos
deb http://security.debian.org/ wheezy/updates main contrib non-free
deb http://ftp.au.debian.org/debian/ wheezy-proposed-updates main contrib non-free
deb-src http://security.debian.org/ wheezy/updates main contrib non-free
deb-src http://ftp.au.debian.org/debian/ wheezy-proposed-updates main contrib non-free
I generate them using this website. https://debgen.simplylinux.ch/ Debian Source generator.
Then I update the keys in the repo.
apt-get install debian-keyring debian-archive-keyring
apt-key update
Then again try to update
apt-get update
That will probably fix the issue.
Fetched 67.5 kB in 2min 0s (560 B/s)
Reading package lists... Done
If you still problems with some keys follow the next steps per key.
You need to add the key manually from another server.
In this case the missing key is 55BE302B
So you have to do:
gpg --keyserver pgpkeys.mit.edu --recv-key 55BE302B
gpg -a --export 55BE302B | sudo apt-key add -
It will import the key and then you add them to the sources.
root#XXX:~# gpg --keyserver pgpkeys.mit.edu --recv-key 55BE302B
gpg: requesting key 55BE302B from hkp server pgpkeys.mit.edu
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 55BE302B: public key "Debian Archive Automatic Signing Key (5.0/lenny) <ftpmaster#debian.org>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
root#XXX:~# gpg -a --export 55BE302B | sudo apt-key add -
OK
I hope this help anyone facing the same issue.
When I try to use apt-get update command on Debian I find myself in a kind of error cycle with these two errors: NO_PUBKEY and KEYEXPIRED
W: There is no public key available for the following key IDs:
4D270D06F42584E6
W: GPG error: http://archive.debian.org lenny/updates Release: The following signatures were invalid: KEYEXPIRED 1356982504
W: GPG error: http://archive.debian.org lenny/volatile Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY DFD993306D849617
W: Failed to fetch http://archive.debian.org/debian-securty/dists/lenny/updates/main/source/Sources 404 Not Found [IP: 130.89.148.13 80]
First I get KEYEXPIRED error (with NO_PUBKEY but that's not the point now) then i tried this solution:
http://community.aegirproject.org/node/757/revisions/2077/view
(but I am not sure I did everything correctly)
W: There is no public key available for the following key IDs:
4D270D06F42584E6
W: GPG error: http://archive.debian.org lenny/updates Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9AA38DCD55BE302B
W: GPG error: http://archive.debian.org lenny/volatile Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY DFD993306D849617
W: Failed to fetch http://archive.debian.org/debian-securty/dists/lenny/updates/main/source/Sources 404 Not Found [IP: 130.89.148.13 80]
Then I get NO_PUBKEY error and I tried this solution and I turned back my initial problem :(
sudo apt-key adv --recv-keys --keyserver keys.gnupg.net (8 digit key)
could you help me?
I know this is bit late, however recently I came across same issue in ubuntu, and this is how i fixed that. first I've got the key from keyserver as below. you may need to change KEY and server according to your environment,
sudo gpg --keyserver hkp://keyserver.ubuntu.com --recv-key 40976EAF437D05B5
after that you need to add the key to your key store (you may need to execute following as 'su' user)
gpg --export --armor 40976EAF437D05B5 | apt-key add -
found full details from here GPG error: public key is not available NO_PUBKEY
Hope it will help (I'm also new to ubuntu, and that's how I sort out)
I know, your Debian fix your question:
W: There is no public key available for the following key IDs:
4D270D06F42584E6
Just use that three lines code:
sudo apt-get install debian-keyring debian-archive-keyring
sudo apt-key update
sudo apt-get update