[Bug 1592040] Re: Can't update repos due to signing problems
Christian Doczkal
ThyrusG at gmx.de
Fri Oct 21 11:06:29 UTC 2016
I added the Ubuntu package signing keys to my personal key chain.
Afterwards I can verify the the signatures on the lists downloaded by
'apt-get update', e.g.
$ LANG=C gpg --verify /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_xenial-updates_Release
gpg: Signature made Fri Oct 21 09:32:24 2016 CEST using DSA key ID 437D05B5
gpg: Good signature from "Ubuntu Archive Automatic Signing Key <ftpmaster at ubuntu.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 6302 39CC 130E 1A7F D81A 27B1 4097 6EAF 437D 05B5
gpg: Signature made Fri Oct 21 09:32:24 2016 CEST using RSA key ID C0B21F32
gpg: Good signature from "Ubuntu Archive Automatic Signing Key (2012) <ftpmaster at ubuntu.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 790B C727 7767 219C 42C8 6F93 3B4F E6AC C0B2 1F32
So the error message of apt:
W: The repository 'http://archive.ubuntu.com/ubuntu xenial-updates
InRelease' is not signed.
appears to be wrong. The problem appears to be that apt is unable to
recognize/check the perfectly good signature on the downloaded files. Is
there any way to debug the signature verification process?
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1592040
Title:
Can't update repos due to signing problems
Status in apt package in Ubuntu:
Confirmed
Bug description:
I can't update the repos through 'sudo apt-get update' due to these
errors:
W: Errore GPG: http://archive.ubuntu.com/ubuntu xenial InRelease: Errore sconosciuto durante l'esecuzione di apt-key
W: The repository 'http://archive.ubuntu.com/ubuntu xenial InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: Errore GPG: http://archive.ubuntu.com/ubuntu xenial-updates InRelease: Errore sconosciuto durante l'esecuzione di apt-key
W: The repository 'http://archive.ubuntu.com/ubuntu xenial-updates InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: Errore GPG: http://archive.ubuntu.com/ubuntu xenial-backports InRelease: Errore sconosciuto durante l'esecuzione di apt-key
W: The repository 'http://archive.ubuntu.com/ubuntu xenial-backports InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: Errore GPG: http://archive.ubuntu.com/ubuntu xenial-security InRelease: Errore sconosciuto durante l'esecuzione di apt-key
W: The repository 'http://archive.ubuntu.com/ubuntu xenial-security InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
The /etc/apt/sources.list contains only the official Ubuntu repo since
it's untouched from a clean 16.04 install.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1592040/+subscriptions
More information about the foundations-bugs
mailing list