[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: The following signatures were invalid: EXPKEYSIG 5A88D659DCB811BB Debian Ports Archive Automatic Signing Key (2021)

Hello,

Philipp Klaus Krause, le jeu. 10 févr. 2022 17:09:26 +0100, a ecrit:
> I just downloaded debian-hurd-20210812.img, and started it in kvm. apt-get
> update then failed:

Yes, the problem is that the debian-ports archive key is updated every
year, and thus its liveness doesn't span the whole timespan of a
release. A way to fix this is to avoid checking the gpg signature, and
rely only on https:

deb [trusted=yes] https://snapshot.debian.org/archive/debian-ports/20210812T100000Z/ sid main
deb [trusted=yes] https://snapshot.debian.org/archive/debian-ports/20210812T100000Z/ unreleased main
deb-src [trusted=yes check-valid-until=no] http://snapshot.debian.org/archive/debian/20210812T100000Z/ sid main

I have now updated the images accordingly.

I don't know a way to tell apt to tell gpg to ignore the expired key
issue.

Samuel
Reply to: