[SOLVED] 14.04: GPG error “NO_PUBKEY”



The Big Head One
December 19th, 2014, 12:07 AM
So, I'm having the following errors while trying to update or upgrade anything in Ubuntu:


W: GPG error: http://deb.playonlinux.com trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E0F72778C4676186
W: GPG error: http://repository.spotify.com stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 082CCEDF94558F59
W: GPG error: http://linux.dropbox.com trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY FC918B335044912E
W: GPG error: http://archive.canonical.com trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: http://extras.ubuntu.com trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 16126D3A3E5C1192
W: GPG error: http://download.ebz.epson.net lsb3.2 Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E5E86C008AA65D56
W: GPG error: http://mirror.unesp.br trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: http://mirror.unesp.br trusty-updates Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: http://mirror.unesp.br trusty-backports Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: http://mirror.unesp.br trusty-security Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: http://ppa.launchpad.net trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY DF8030F05ED1D082
W: GPG error: http://ppa.launchpad.net trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 10F47D907D103299
W: GPG error: http://ppa.launchpad.net trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY B5B116B72D0F61F0
W: GPG error: http://ppa.launchpad.net trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 10975893E549B1AC

I tried changing the server from where I get the updates. Still the same errors.

I tried using the

gpg --keyserver keyserver.ubuntu.com --recv <key>
gpg --export --armor <key> | sudo apt-key add -
sudo apt-get update

Same error. I tried deleting the keys myself and adding them with the command

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys < add keys here >

And still, the same error. Tried deleting them and adding them using the app's Y-PPA functionality to add missing keys. Didn't work. I also tried using the "Fix All GPG BADSIG errors" from the same app. Still got the same errors.

I then tried this approach:


sudo -i
# apt-get clean
# cd /var/lib/apt
# mv lists lists.old
# mkdir -p lists/partial
# apt-get clean
# apt-get update

And I still got the same error. I also tried the solution from this post: http://ubuntuforums.org/showthread.php?t=1057212&highlight=GPG+error
running the launchpad-update script as root. And it only gave wget errors:


cabeca@cabeca-lnx:~$ sudo ./launchpad-update
Release: trusty
Please Wait...
wget: missing URL
Usage: wget [OPTION]... [URL]...

Try `wget --help' for more options.
wget: missing URL
Usage: wget [OPTION]... [URL]...

Try `wget --help' for more options.
wget: missing URL
Usage: wget [OPTION]... [URL]...

Try `wget --help' for more options.
wget: missing URL
Usage: wget [OPTION]... [URL]...

Try `wget --help' for more options.
wget: missing URL
Usage: wget [OPTION]... [URL]...

Try `wget --help' for more options.
wget: missing URL
Usage: wget [OPTION]... [URL]...

Try `wget --help' for more options.

And I really don't know what else I can do to solve this problem. I'd really appreciate if someone gave me another solution (other than installing ubuntu again) to solve this problem.


Thanks in advance.

QIII
December 19th, 2014, 12:51 AM
Hello!

You are using a lot of PPAs and non-standard sources.

Have you tried disabling them and attempting an update? What happens?

The Big Head One
December 19th, 2014, 06:01 AM
I tried unchecking everything on the "Other Software" tab on "Software & Updates" and I still get this when I update:


W: GPG error: http://mirror.unesp.br trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: http://mirror.unesp.br trusty-updates Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: http://mirror.unesp.br trusty-backports Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: http://mirror.unesp.br trusty-security Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

schragge
December 19th, 2014, 12:28 PM
First, try to reinstall ubuntu-keyring:


sudo apt-get --reinstall install ubuntu-keyring

The Big Head One
December 19th, 2014, 05:45 PM
I had tried it before (but forgot to mention it), but here's the result:


Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 53 not upgraded.
1 not fully installed or removed.
Need to get 16,7 kB of archives.
After this operation, 0 B of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
ubuntu-keyring
Install these packages without verification? [y/N] y
Get:1 http://archive.ubuntu.com/ubuntu/ trusty/main ubuntu-keyring all 2012.05.19 [16,7 kB]
Fetched 16,7 kB in 0s (49,4 kB/s)
(Reading database ... 308651 files and directories currently installed.)
Preparing to unpack .../ubuntu-keyring_2012.05.19_all.deb ...
Unpacking ubuntu-keyring (2012.05.19) over (2012.05.19) ...
Setting up ubuntu-keyring (2012.05.19) ...
gpg: keyblock resource `/etc/apt/trusted.gpg.d/webupd8team-atraci.gpg': resource limit
gpg: keyblock resource `/etc/apt/trusted.gpg.d/webupd8team-java.gpg': resource limit
gpg: keyblock resource `/etc/apt/trusted.gpg.d/webupd8team-nemo.gpg': resource limit
gpg: keyblock resource `/etc/apt/trusted.gpg.d/webupd8team-popcorntime.gpg': resource limit
gpg: keyblock resource `/etc/apt/trusted.gpg.d/webupd8team-y-ppa-manager.gpg': resource limit
gpg: keyblock resource `/etc/apt/trusted.gpg.d/yorba-ppa.gpg': resource limit
gpg: key 437D05B5: "Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>" not changed
gpg: key FBB75451: public key "Ubuntu CD Image Automatic Signing Key <cdimage@ubuntu.com>" imported
gpg: key C0B21F32: "Ubuntu Archive Automatic Signing Key (2012) <ftpmaster@ubuntu.com>" not changed
gpg: key EFE21092: public key "Ubuntu CD Image Automatic Signing Key (2012) <cdimage@ubuntu.com>" imported
gpg: Total number processed: 4
gpg: imported: 2 (RSA: 1)
gpg: unchanged: 2
dpkg: error processing package ubuntu-keyring (--configure):
subprocess installed post-installation script returned error exit status 2
Setting up ubuntu-extras-keyring (2010.09.27) ...
Importing extras.ubuntu.com keyring
gpg: keyblock resource `/etc/apt/trusted.gpg.d/webupd8team-atraci.gpg': resource limit
gpg: keyblock resource `/etc/apt/trusted.gpg.d/webupd8team-java.gpg': resource limit
gpg: keyblock resource `/etc/apt/trusted.gpg.d/webupd8team-nemo.gpg': resource limit
gpg: keyblock resource `/etc/apt/trusted.gpg.d/webupd8team-popcorntime.gpg': resource limit
gpg: keyblock resource `/etc/apt/trusted.gpg.d/webupd8team-y-ppa-manager.gpg': resource limit
gpg: keyblock resource `/etc/apt/trusted.gpg.d/yorba-ppa.gpg': resource limit
dpkg: error processing package ubuntu-extras-keyring (--configure):
subprocess installed post-installation script returned error exit status 2
Errors were encountered while processing:
ubuntu-keyring
ubuntu-extras-keyring
E: Sub-process /usr/bin/dpkg returned an error code (1)

schragge
December 19th, 2014, 06:06 PM
Then remove offending keys from /etc/apt/trusted.gpg.d:


sudo rm /etc/apt/trusted.gpg.d/{webupd8team,yorba}-*.gpg
sudo dpkg --configure -a

QIII
December 19th, 2014, 06:11 PM
Could you also try changing the mirror "mirror.unesp.br" in your repositories to another repo like "main"?

Edit: That is, no PPAs, no non-standard sources and the main repos. Let's try to get to a "clean" update and move on from there.

Bashing-om
December 19th, 2014, 06:42 PM
The Big Head One; Humm ...

There is a limit on the number of keys the system can maintain. Have you exceeded the limit?
See:
http://ubuntuforums.org/showthread.php?t=2195579



just a thought

schragge
December 19th, 2014, 06:44 PM
@QIII:
mirror.unesp.br most probably is already pointing at main, universe and so on. It's an Ubuntu archive mirror after all. Did you actually mean "Change mirror.unesp.br to br.archive.ubuntu.com?"

schragge
December 19th, 2014, 06:54 PM
@Bashing-om:
Good catch!
@OP:
How many keyrings are there? You can find it out with


ls /etc/apt/trusted.gpg.d | wc -l

The current limit is about 40. To get around this limit you need the latest apt from Debian experimental which is not yet even in vivid.

QIII
December 19th, 2014, 07:18 PM
@schragge

No, I mean to change it to main. The maintainers of a mirror might not update often enough (Canonical asks them to do it 4x daily) or might have unrelated issues of their own. I don't know if that's a pushed mirror.

By cleaning up the keyring issues and using the main repositories, the OP can get to a stable spot.

The Big Head One
December 20th, 2014, 06:32 AM
Then remove offending keys from /etc/apt/trusted.gpg.d:


sudo rm /etc/apt/trusted.gpg.d/{webupd8team,yorba}-*.gpg
sudo dpkg --configure -a

I rechecked all the ppas and tried this code and it seems to help solving the problem for some of the keys, here's the (now smaller) error list:


W: GPG error: http://ppa.launchpad.net trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY C2518248EEA14886
W: GPG error: http://ppa.launchpad.net trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY C2518248EEA14886
W: GPG error: http://ppa.launchpad.net trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY C2518248EEA14886
W: GPG error: http://ppa.launchpad.net trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY C2518248EEA14886
W: GPG error: http://ppa.launchpad.net trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY C2518248EEA14886



It probably could solve for them all, I just can't figure out how to change from there, could you help me with it :D?

@QIII
I did this before, it didn't work.

@Bashing-om and @schragge
Here's the output


cabeca@cabeca-lnx:~$ ls /etc/apt/trusted.gpg.d | wc -l
81



81 O.O

schragge
December 20th, 2014, 11:00 AM
81! That's insane. OK, some of them may be empty, but it is still quite a number. Well, you've already disabled all PPAs. Unfortunately, disabling PPAs doesn't automatically remove their keyrings. The best course of action in this situation likely would be to completely remove all PPA keyrings with

sudo rm /etc/apt/trusted.gpg.d/*

After that the error should go away. The problem is when you're adding a PPA with add-apt-repository or through a graphical frontend it will put all keys for this PPA (even if it's just one) into a separate keyring under /etc/apt/trusted.gpg.d/. GPG has a hard-wired limit of 40 keyrings. Don't forget that the standard ubuntu-keyring and ubuntu-extras-keyring also count to this limit. The latest APT in Debian experimental temporarily puts keys from all PPAs into the primary keyring, thus getting around this limit. Until it's available for your version of Ubuntu (unless you package it yourself) you must keep an eye on the number of used PPAs, and manually remove PPA keyrings when they are not needed anymore.

There are several techniques helping to reduce the number of keyrings. Often there are many PPAs offered by the same team/owner. E.g. webupd8team offers 24 PPAs all sharing the same signing key. If you enable all of them you'll end up with 24 identical keyrings. Leaving only one webupd8team-*.gpg file will still let you authenticate any of their repositories. Tools like fslint (http://manpages.ubuntu.com/manpages/trusty/en/man1/fslint.1.html), fdupes (http://manpages.ubuntu.com/manpages/trusty/en/man1/fdupes.1.html), rdfind (http://manpages.ubuntu.com/manpages/trusty/en/man1/rdfind.1.html), or even simple cmp (http://manpages.ubuntu.com/manpages/trusty/en/man1/cmp.1.html) may assist you in finding files with identical contents.

Another approach is to put all PPA keys into the primary keyring /etc/apt/trusted.gpg with apt-key (http://manpages.ubuntu.com/manpages/trusty/en/man8/apt-key.8.html), and leave the directory /etc/apt/trusted.gpg.d/ empty. This is basically what the latest experimental APT version does (http://anonscm.debian.org/cgit/apt/apt.git/commit/?h=debian/experimental&id=5beb682d2de2003e1c022cb298d6c2ec0cf91c0d) (it temporarily adds all PPA keys to the primary keyring before each apt-key action and restores its old contents afterwards). And what the old script launchpad-update did.

Meanwhile, I updated the script to work on newer Ubuntu releases (and put a warning comment on it). Enjoy:


#!/bin/sh
# This script adds PPA keys to the primary keyring in /etc/apt/trusted.gpg
# thus getting around the GPG limit of 40 keyrings.
# WARNING: It's only intended as the last resort measure.
# Rather than using it, reduce your use of PPAs.
set -e

keyserver=http://keyserver.ubuntu.com:11371
launchpadapi=https://launchpad.net/api/1.0

[ -r /etc/lsb-release ] && . /etc/lsb-release ||
    { echo Cannot read /etc/lsb-release >&2; exit 1;}

[ Ubuntu = "$DISTRIB_ID" ] ||
    { echo This script is supposed to run on Ubuntu >&2; exit 2;}

[ -n "$DISTRIB_CODENAME" ] && codename=$DISTRIB_CODENAME ||
    { echo Cannot determine installed Ubuntu release >&2; exit 2;}
release=$DISTRIB_RELEASE

usage() {
    # Parameter: $1 - error message
    <<! cat >&2
$1
Usage: sudo $0 <releasename>
Example: sudo $0 $codename
!
    exit 3
}

[ 0 = `id -u` ] || usage "Please run with sudo"

# Validate the release name given as $1 against the known Ubuntu code names.
if [ -x /usr/bin/ubuntu-distro-info ]
then
    codenames=`/usr/bin/ubuntu-distro-info --all | tr '\n' \|`
    eval \
    case \$1 in \
        "$codenames$codename"') codename=$1;;
        *) usage "Wrong release name: $1";;' \
    esac
else
    [ 12 -le "${release%%.*}" ] &&
    <<! cat >&2
This script works best with package 'distro-info' installed.

Consider installing distro-info with
sudo apt-get install distro-info

Continuing execution anyway

!

    case $1 in
        lucid|precise|trusty|utopic|vivid|$codename) codename=$1;;
        *) usage "Wrong release name: $1";;
    esac
fi

echo "Release: $codename"
echo Please wait...

tempfile() {
    # Parameters: $1 - variable to hold the file name
    #             $2 - short file content description
    local tmp
    if tmp=`mktemp`
    then
        eval "$1='$tmp'"
        # Extend the EXIT trap so every temporary file is removed on exit.
        currenttrap="${currenttrap}rm -f -- '$tmp';"
        trap "$currenttrap" EXIT
    else
        echo "Cannot create temporary file for $2" >&2
        exit 2
    fi
}

tempfile sources 'APT sources'
tempfile fingerprints 'key fingerprints'
tempfile key 'signing key'

# Collect all non-comment lines from the configured APT source files.
sourcelist=/etc/apt/sources.list
eval $(apt-config shell sourcelist Dir::Etc::SourceList/f)
sourceparts=/etc/apt/sources.list.d/
eval $(apt-config shell sourceparts Dir::Etc::SourceParts/d)
grep -hs '^[^#]' "$sourcelist" "$sourceparts"*.list > "$sources" ||:
grep -q '^Types:' "$sources" && {
    echo "This script doesn't work with RFC822-style sources.list" >&2; exit 2
}

# For each PPA owner found in the sources, ask the Launchpad API (over HTTPS)
# for the signing key fingerprints of that owner's PPAs.
for ppaowner in $(
    awk -F/ '/^deb[ \t]+.*ppa\.launchpad.*[ \t]+'$codename'/{print$4}' \
        "$sources"
)
do
    wget -qO- "$launchpadapi/~$ppaowner/ppas" |
    awk -F'": "|"}' -v'RS="?, "' '/key_fingerprint/{print $2}' |
    sort -u >> "$fingerprints"
done

# Fetch each key from the keyserver and add it only if its fingerprint
# matches the one reported by Launchpad.
for fingerprint in `sort -u "$fingerprints"`
do
    wget -qO- "$keyserver/pks/lookup?op=get&search=0x$fingerprint" |
    sed '/-BEGIN/,/-END/!d' > "$key"
    if test "$fingerprint" = "$(
        apt-key adv --with-colons --with-fingerprint "$key" |
        awk -F: '/^fpr/{print $10}'
    )"
    then
        apt-key add "$key"
    else
        <<! cat - "$key" >&2
Key rejected: retrieved key doesn't match the fingerprint!

Fingerprint: $fingerprint

Retrieved key:
$(apt-key adv --with-fingerprint "$key")
==========================================================
!
    fi
done

rm -f -- "$sources" "$fingerprints" "$key"
trap - EXIT
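
The duplicate-keyring cleanup schragge describes above (identical or empty files under /etc/apt/trusted.gpg.d counting against the 40-keyring limit), as an added example that is not part of the original post: a read-only audit that lists empty and byte-identical keyrings. The function names and the constructed demo directory are assumptions of this example.

```sh
#!/bin/sh
# Read-only audit of an APT keyring directory (added example).
# LIMIT defaults to the 40-keyring figure quoted in this thread.

list_keyrings() {            # one *.gpg path per line, in glob order
    for f in "$1"/*.gpg; do
        if [ -f "$f" ]; then printf '%s\n' "$f"; fi
    done
}

keyring_count() { list_keyrings "$1" | wc -l | tr -d ' '; }

empty_keyrings() {           # zero-length files hold no key at all
    list_keyrings "$1" | while IFS= read -r f; do
        if [ ! -s "$f" ]; then printf '%s\n' "$f"; fi
    done
}

duplicate_keyrings() {       # non-empty files identical to an earlier one
    list_keyrings "$1" | while IFS= read -r f; do
        if [ -s "$f" ]; then
            printf '%s  %s\n' "$(sha256sum < "$f" | cut -d' ' -f1)" "$f"
        fi
    done | awk '{ h = $1; sub(/^[^ ]+  /, ""); if (seen[h]++) print }'
}

audit_keyrings() {           # prints a report; returns 1 when at or over LIMIT
    dir=$1 limit=${2:-40}
    total=$(keyring_count "$dir")
    echo "keyrings in $dir: $total (limit $limit)"
    empty_keyrings "$dir" | sed 's/^/  empty:     /'
    duplicate_keyrings "$dir" | sed 's/^/  duplicate: /'
    [ "$total" -lt "$limit" ]
}

# Demo on a constructed directory; file contents are placeholders, not real keys.
demo=$(mktemp -d)
for n in java nemo y-ppa-manager; do
    printf 'constructed-key-A' > "$demo/webupd8team-$n.gpg"
done
printf 'constructed-key-B' > "$demo/yorba-ppa.gpg"
: > "$demo/stale-ppa.gpg"
audit_keyrings "$demo" 40 || echo "at or over the limit"
rm -rf -- "$demo"
```

Pointing `audit_keyrings` at /etc/apt/trusted.gpg.d only reads the files; nothing is removed, so the listed paths can be reviewed before any cleanup.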

The Big Head One
December 20th, 2014, 06:48 PM
Thx everybody, especially @schragge. Your solution worked like a charm :D

I'll try keeping in mind not to use so many ppas :P

mörgæs
December 20th, 2014, 07:04 PM
If you want to use new software you will save yourself trouble by installing 14.10. Safer approach than a long list of PPAs.