Re: gpg-errors with apt
On Thu, Jul 07, 2005 at 12:22:36PM +0200, Johann Spies wrote:
> I have read http://www.debian-administration.org/articles/174 about
> this topic and have done what the article suggested:
> "~# gpg --keyserver keyring.debian.org --recv 4F368D5D"
This imports the key for the Debian Unstable archive.
> Got a timeout here.
> "Or if you wish you can download it from the internet, from
> http://www.debian.org/releases/ -
> towards the bottom of the page there's a link to the file
> Download this and import it as follows:
> root@mystery:~# cat ziyi_key_2005.asc | gpg --import"
(Bad '"' on the end of that command line.. mistake in copy + paste?)
> I have done this but I still get the following on aptitude update (on
> W: GPG error: ftp://archive3.sun.ac.za unstable Release: The following
> signatures couldn't be verified because the public key is not
> available: NO_PUBKEY F1D53D8C4F368D5D
This is a completely different key - here the complain is that the
archive you have in your apt.sources list, for archive3.sun.ac.za,
is signed with a key 'F1D53D8C4F368D5D' which you don't have imported.
>W: GPG error:
> ftp://archive3.sun.ac.za unstable Release: The following signatures
> couldn't be verified because the public key is not available:
And the error says as much. The signature isn't verified because
you're missing the key.
> NO_PUBKEY 07DC563D1F41B907 W: You may want to update the package lists
> to correct these missing files
Find the key that the archive is signed with, import it as you
did for the main Sid/Etch archive and all should be well.
> Is this a bug or how do I solve this problem?
Not a bug with the *Debian* archive, but a missing key on your
side from the look of things..
# The Debian Security Audit Project.