I was updating my Ubuntu 10.04 laptop, and I received this error,
W: GPG error: http://deb.torproject.org lucid Release: The following signatures were invalid: [problem-sigs]
When I Googled it there weren't any helpful suggestions, but luckily I have had a similar problem before. So I went to the tor page which had the information about their gpg keys. And I followed these directions:
And I was good to go! I hope this helps someone, because Googling the exact error pulls up some stuff from 2010, and some totally unrelated stuff.
Then add this line to your /etc/apt/sources.list file:
deb http://deb.torproject.org/torproject.org <DISTRIBUTION> main where you put the codename of your distribution (i.e. lenny, sid, maverick or whatever it is) in place of <DISTRIBUTION>. Then add the gpg key used to sign the packages by running the following commands at your command prompt:
gpg --keyserver keys.gnupg.net --recv 886DDD89 gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add - Now refresh your sources, running the following command (as root) at your command prompt: apt-get update If there are no errors you're good to continue.