Re: apt-get update problems

[Marty <martyb@ix.netcom.com>]

Jan C. Nordholz wrote:
> Hi!
>
> > 1) several errors of followig form
> > Release: The following signatures couldn't be verified because the 
> > public key is not available: NO_PUBKEY xxxxxxxxxxxxxxxx
> > i used suggestions from
> > http://lists.debian.org/deity/2005/08/msg00178.html
> > to remedy the problem. what could cause this?
>
> apt tries to verify[1] the GnuPG signature of the Release files of each
> package server it connects to. By default, apt only knows of the
> Debian Archive Keys, which are used to sign the Release files of
> ftp.debian.org (and thus its mirrors, too).
> If you have external servers listed in your sources.list, their Release
> files will be signed by some other key - which apt doesn't know.
>
> > 2) i can see the following
> > Get:3 http://security.debian.org stable/updates Release.gpg [197B]
> > Hit http://security.debian.org stable/updates Release
> > Ign http://security.debian.org stable/updates/main Packages
> > Hit http://security.debian.org stable/updates/main Packages
> > i didn't mentioned it previously, so it's possible that the error is 
> > there for quite some time. btw i use amd64/testing so it may be caused 
> > by conflict between testing and stable.

You need to use the security update site for testing.  The recent announcement
here included the following lines:

  We also invite you to add the following lines to your
  /etc/apt/sources.list file, and run "apt-get update && apt-get upgrade"
  to make the security updates available.

  deb http://secure-testing.debian.net/debian-secure-testing etch/security-updates main contrib non-free
  deb-src http://secure-testing.debian.net/debian-secure-testing etch/security-updates main contrib non-free

It's possible that your GPG verification problem is related to your
attempt to use packages from stable, where it's not supported.