Linux.com

Home Learn Linux Linux Tutorials Debian, Upgrading to Lenny, ERROR, no public key available for the following...

Debian, Upgrading to Lenny, ERROR, no public key available for the following...

Due to a quite good popularity of one of my blogs I've decided to report its contents as an article for Linux.com.

I've spent one day crushing my head against a weird problem, never seen it on Debian, I was only updating four Debian "etch" to "lenny" and in two of them I've seen this:

han:~# apt-get update
...
...
Fetched 74.7kB in 0s (87.4kB/s)
Reading package lists... Done
W: There is no public key available for the following key IDs:
9AA38DCD55BE302B
W: GPG error: http://xxx.xx.xxx.org lenny Release:
The following signatures couldn't be verified because the public key
is not available:
NO_PUBKEY 9AA38DCD55BE302B
W: You may want to run apt-get update to correct these problems

So I did what I've read and issued the apt-get command again

han:~# apt-get dist-upgrade
Reading package lists... Done
Building dependency tree... Done
Calculating upgrade... Done
...
Fetched 74.7kB in 0s (99.9kB/s)
Reading package lists... Done
W: There is no public key available for the following key IDs:
9AA38DCD55BE302B
W: GPG error: http://ftp.it.debian.org lenny Release:
The following signatures couldn't be verified because the public key
is not available:
NO_PUBKEY 9AA38DCD55BE302B
W: You may want to run apt-get update to correct these problems

But still no luck, the problem raised again
I was thinking: what should I do next ?

After some google searches and after reading about gpg keys I've decided to solve the problem in this way:

1) As first thing I've decided to import this missing key with gpg, so run:

han:~# gpg --keyserver wwwkeys.eu.pgp.net --recv-keys 9AA38DCD55BE302B
gpg: directory `/root/.gnupg' created
gpg: can't open `/gnupg/options.skel': No such file or directory
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
gpg: requesting key 55BE302B from hkp server
wwwkeys.eu.pgp.net
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 55BE302B: public key "Debian Archive Automatic
Signing Key (5.0/lenny) " imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)

Got it! So pgp.net replied my about authenticity of this Lenny key, so I've imported the newly created key to apt-get source packages, here's:

han:~# apt-key add .gnupg/pubring.gpg
OK

Issued again apt-get update:

han:~# apt-get update
...
Fetched 1033B in 0s (1400B/s)
Reading package lists... Done

 

And everything worked like a charm
Hope it helps someone else, read blogs and save time

 

Update:

Solution #2
As suggested from Frank Matthieß here's a "debian oriented solution":


All gnupg public keys are available with the debian package "debian-archive-keyring".
A "apt-get install debian-archive-keyring" or better "aptitude install debian-archive-keyring" wil do the job.

Hint for adding single gnupg key for package verifying:
"gpg --export --armor $GNUPG-KEYID | apt-key add - "

An examble based on the values in this article:
"gpg --export --armor 55BE302B | apt-key add - "

 

Comments

Subscribe to Comments Feed

Upcoming Linux Foundation Courses

  1. LFD320 Linux Kernel Internals and Debugging
    03 Nov » 07 Nov - Virtual
    Details
  2. LFS416 Linux Security
    03 Nov » 06 Nov - Virtual
    Details
  3. LFS426 Linux Performance Tuning
    10 Nov » 13 Nov - Virtual
    Details

View All Upcoming Courses

Become an Individual Member
Check out the Friday Funnies

Sign Up For the Linux.com Newsletter


Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board