RE: apt-check-sigs and apt-get sig errors

To: <debian-security@lists.debian.org>
Subject: RE: apt-check-sigs and apt-get sig errors
From: "Hedges, Mark" <visitmxh@rand.org>
Date: Wed, 30 Aug 2006 10:13:40 -0700
Message-id: <[🔎] ED857B54821B4442AFA01D80AD259585405528@smmail9.rand.org>

 

> From: Hedges, Mark 
> Sent: Monday, August 28, 2006 11:19 AM
> To: debian-security@lists.debian.org
> Subject: apt-check-sigs and apt-get sig errors
> 
>  
> Is apt-check-sigs supposed to work with etch these days?  
> Does this mean nothing works right, or am I compromised?  
> 
> I get sporadic complaints from `apt-get update` as well 
> saying that the packages are not signed with the right key.

Like this.  What does this mean?  I get a lot of bad sig messages too,
with key sigs that don't seem to be on any keyring.  I get these at work
and at home, so I figure it's actually the server, not a MITM.

Fetched 42.4kB in 8s (4768B/s)
Reading package lists... Done
W: GPG error: http://security.debian.org stable/updates Release: The
following signatures were invalid: NODATA 2
W: GPG error: http://security.debian.org testing/updates Release: The
following signatures were invalid: NODATA 2
W: You may want to run apt-get update to correct these problems


--------------------

This email message is for the sole use of the intended recipient(s) and
may contain privileged information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply email and destroy all copies
of the original message.

Reply to:

Follow-Ups:
- Re: apt-check-sigs and apt-get sig errors
  - From: Christoph Auer <c_a@gmx.net>

Prev by Date: Re: Why is portmap installed by default?
Next by Date: Re: apt-check-sigs and apt-get sig errors
Previous by thread: apt-check-sigs and apt-get sig errors
Next by thread: Re: apt-check-sigs and apt-get sig errors
Index(es):
- Date
- Thread