sysadmn62
January 22nd, 2009, 05:03 PM
During a recent 'apt-get update', I got the following confusing error message:
W: GPG error: http://ppa.launchpad.net intrepid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 28A8205077558DD0
I'm not sure why this just began happening, but here's the scoop. Developers sign their releases in order to prevent others from tampering with the contents. In order for apt-get to trust a package, it needs the developer's public key to check that signature.
Here's how to add a missing key:
If you are in a root shell, you can omit the sudo in each of these commands.
Add the key to your system's keyring. The key is given in the error message - in this example, 28A8205077558DD0. There are two ways to do this. Developers can provide the key for download on their website, or put the key on a well-known keyserver. When the repository is added, the instructions usually include the steps needed to add the key. If you know which package is causing the problem, check the download page for that package. For example, mediabuntu (https://help.ubuntu.com/community/Medibuntu) has a dedicated package for it's keyring:
# sudo apt-get update && sudo apt-get install medibuntu-keyring && sudo apt-get update
Google offers its' key (http://www.google.com/linuxrepositories/aboutkey.html) for download:
# sudo wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
sudo apt-get update
If that fails, try using the keyserver at subkeys.pgp.net:
# sudo gpg --keyserver hkp://subkeys.pgp.net --recv-keys 28A8205077558DD0
getting 28A8205077558DD0 key
gpg: requesting key 77558DD0 from hkp server subkeys.pgp.net
gpg: key 77558DD0: public key "Launchpad PPA for GNOME Do Core Team" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
Warning! You don't want to add keys for just anyone. You must check and make sure that the title of the key (e.g. "Launchpad PPA for GNOME Do Core Team") corresponds to a repository you're actually using. Unfortunately, apt-get's error message is not helpful - it only shows the domain (http://ppa.launchpad.net) and not the full url for the failing package.
If you trust the key, add it to apt-get:
sudo gpg --export --armor 28A8205077558DD0 | sudo apt-key add -
OK
Please let me know of any comments or corrections by replying to this thread.
W: GPG error: http://ppa.launchpad.net intrepid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 28A8205077558DD0
I'm not sure why this just began happening, but here's the scoop. Developers sign their releases in order to prevent others from tampering with the contents. In order for apt-get to trust a package, it needs the developer's public key to check that signature.
Here's how to add a missing key:
If you are in a root shell, you can omit the sudo in each of these commands.
Add the key to your system's keyring. The key is given in the error message - in this example, 28A8205077558DD0. There are two ways to do this. Developers can provide the key for download on their website, or put the key on a well-known keyserver. When the repository is added, the instructions usually include the steps needed to add the key. If you know which package is causing the problem, check the download page for that package. For example, mediabuntu (https://help.ubuntu.com/community/Medibuntu) has a dedicated package for it's keyring:
# sudo apt-get update && sudo apt-get install medibuntu-keyring && sudo apt-get update
Google offers its' key (http://www.google.com/linuxrepositories/aboutkey.html) for download:
# sudo wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
sudo apt-get update
If that fails, try using the keyserver at subkeys.pgp.net:
# sudo gpg --keyserver hkp://subkeys.pgp.net --recv-keys 28A8205077558DD0
getting 28A8205077558DD0 key
gpg: requesting key 77558DD0 from hkp server subkeys.pgp.net
gpg: key 77558DD0: public key "Launchpad PPA for GNOME Do Core Team" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
Warning! You don't want to add keys for just anyone. You must check and make sure that the title of the key (e.g. "Launchpad PPA for GNOME Do Core Team") corresponds to a repository you're actually using. Unfortunately, apt-get's error message is not helpful - it only shows the domain (http://ppa.launchpad.net) and not the full url for the failing package.
If you trust the key, add it to apt-get:
sudo gpg --export --armor 28A8205077558DD0 | sudo apt-key add -
OK
Please let me know of any comments or corrections by replying to this thread.