Linux.com

Home Learn Linux Linux Tutorials Debian, Upgrading to Lenny, ERROR, no public key available for the following...

Debian, Upgrading to Lenny, ERROR, no public key available for the following...

Due to a quite good popularity of one of my blogs I've decided to report its contents as an article for Linux.com.

I've spent one day crushing my head against a weird problem, never seen it on Debian, I was only updating four Debian "etch" to "lenny" and in two of them I've seen this:

han:~# apt-get update
...
...
Fetched 74.7kB in 0s (87.4kB/s)
Reading package lists... Done
W: There is no public key available for the following key IDs:
9AA38DCD55BE302B
W: GPG error: http://xxx.xx.xxx.org lenny Release:
The following signatures couldn't be verified because the public key
is not available:
NO_PUBKEY 9AA38DCD55BE302B
W: You may want to run apt-get update to correct these problems

So I did what I've read and issued the apt-get command again

han:~# apt-get dist-upgrade
Reading package lists... Done
Building dependency tree... Done
Calculating upgrade... Done
...
Fetched 74.7kB in 0s (99.9kB/s)
Reading package lists... Done
W: There is no public key available for the following key IDs:
9AA38DCD55BE302B
W: GPG error: http://ftp.it.debian.org lenny Release:
The following signatures couldn't be verified because the public key
is not available:
NO_PUBKEY 9AA38DCD55BE302B
W: You may want to run apt-get update to correct these problems

But still no luck, the problem raised again
I was thinking: what should I do next ?

After some google searches and after reading about gpg keys I've decided to solve the problem in this way:

1) As first thing I've decided to import this missing key with gpg, so run:

han:~# gpg --keyserver wwwkeys.eu.pgp.net --recv-keys 9AA38DCD55BE302B
gpg: directory `/root/.gnupg' created
gpg: can't open `/gnupg/options.skel': No such file or directory
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
gpg: requesting key 55BE302B from hkp server
wwwkeys.eu.pgp.net
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 55BE302B: public key "Debian Archive Automatic
Signing Key (5.0/lenny) " imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)

Got it! So pgp.net replied my about authenticity of this Lenny key, so I've imported the newly created key to apt-get source packages, here's:

han:~# apt-key add .gnupg/pubring.gpg
OK

Issued again apt-get update:

han:~# apt-get update
...
Fetched 1033B in 0s (1400B/s)
Reading package lists... Done

 

And everything worked like a charm
Hope it helps someone else, read blogs and save time

 

Update:

Solution #2
As suggested from Frank Matthieß here's a "debian oriented solution":


All gnupg public keys are available with the debian package "debian-archive-keyring".
A "apt-get install debian-archive-keyring" or better "aptitude install debian-archive-keyring" wil do the job.

Hint for adding single gnupg key for package verifying:
"gpg --export --armor $GNUPG-KEYID | apt-key add - "

An examble based on the values in this article:
"gpg --export --armor 55BE302B | apt-key add - "

 

Comments

Subscribe to Comments Feed

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board