[ 14.04 ] - Official repositories GPG error

Martín Cigorraga martincigorraga at gmail.com
Fri Mar 28 12:33:54 UTC 2014 

Hello Marius, thank you very much for your time.

Yes, you're right, /etc/apt/trusted.gpg.d was corrupted and I already
solved the issue - I was away so couldn't warn about that here!
This is my comment on an already open apt-get bug report:
https://bugs.launchpad.net/apt/+bug/1263540/comments/7

Cheers!


On Fri, Mar 28, 2014 at 8:55 AM, Marius Gedminas <marius at pov.lt> wrote:

> Hi!
>
> On Fri, Mar 28, 2014 at 06:12:11AM -0300, Martín Cigorraga wrote:
> > Today I started receiving this error messages for the official Ubuntu
> > repositories on the Main server:
> >
> > [...]
> > Fetched 66,1 kB in 1min 44s (631 B/s)
> > Reading package lists... Done
> > W: GPG error: http://archive.canonical.com trusty Release: The following
> > signatures couldn't be verified because the public key is not available:
> > NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
>
> Whoa.  40976EAF437D05B5 is the Ubuntu Archive Automatic Signing Key from
> 2004!  You should have had it in your /etc/apt/trusted.gpg since install
> time.
>
> 3B4FE6ACC0B21F32 is the Ubuntu Archive Automatic Signing Key from 2012.
>
> Run 'apt-key list' to see what keys are present in your apt-get keyring.
> E.g. mine are
>
>     $ apt-key list
>
>     /etc/apt/trusted.gpg
>     --------------------
>     pub   1024D/437D05B5 2004-09-12
>     uid                  Ubuntu Archive Automatic Signing Key <
> ftpmaster at ubuntu.com>
>     sub   2048g/79164387 2004-09-12
>
>     pub   1024D/FBB75451 2004-12-30
>     uid                  Ubuntu CD Image Automatic Signing Key <
> cdimage at ubuntu.com>
>
>     pub   1024D/3E5C1192 2010-09-20
>     uid                  Ubuntu Extras Archive Automatic Signing Key <
> ftpmaster at ubuntu.com>
>
>     pub   4096R/C0B21F32 2012-05-11
>     uid                  Ubuntu Archive Automatic Signing Key (2012) <
> ftpmaster at ubuntu.com>
>
>     pub   4096R/EFE21092 2012-05-11
>     uid                  Ubuntu CD Image Automatic Signing Key (2012) <
> cdimage at ubuntu.com>
>
>
> plus a bunch of PPAs that I omitted for brevity.
>
> The key IDs are shortened to 8 hex characters here, so compare the right
> half:
>
>     40976EAF437D05B5 (the one that apt-get complained about)
>             437D05B5 (the one listed in apt-key list)
>
> (Long and short GPG key IDs are actually just the last 8 or 16 hex
> characters of the fingerprints you can see with 'apt-key finger'.)
>
> So I think your /etc/apt/trusted.gpg got corrupted somehow.
>
> Now, the question is: how can you restore the keyring safely?  It's not
> something that I ever had to worry about.  I suppose I'd rename
> /etc/apt/trusted.gpg to *.bak, find an Ubuntu LiveCD, then copy the
> trusted.gpg file from it.
>
> Marius Gedminas
> --
> The difference between immorality and immortality is "T".  I like Earl
> Grey.
>                 -- Carl Dershem
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>
>


-- 
/Martin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20140328/fa883b75/attachment.html>

More information about the ubuntu-users mailing list