On Wed, Oct 19, 2005 at 05:20:03PM -0400, Marty wrote: > Jan C. Nordholz wrote: > >Hi! > > > >>1) several errors of followig form > >>Release: The following signatures couldn't be verified because the > >>public key is not available: NO_PUBKEY xxxxxxxxxxxxxxxx > >>i used suggestions from > >>http://lists.debian.org/deity/2005/08/msg00178.html > >>to remedy the problem. what could cause this? > > > >apt tries to verify[1] the GnuPG signature of the Release files of each > >package server it connects to. By default, apt only knows of the > >Debian Archive Keys, which are used to sign the Release files of > >ftp.debian.org (and thus its mirrors, too). > >If you have external servers listed in your sources.list, their Release > >files will be signed by some other key - which apt doesn't know. > > > >>2) i can see the following > >>Get:3 http://security.debian.org stable/updates Release.gpg [197B] > >>Hit http://security.debian.org stable/updates Release > >>Ign http://security.debian.org stable/updates/main Packages > >>Hit http://security.debian.org stable/updates/main Packages > >>i didn't mentioned it previously, so it's possible that the error is > >>there for quite some time. btw i use amd64/testing so it may be caused > >>by conflict between testing and stable. > > You need to use the security update site for testing. The recent > announcement > here included the following lines: > > We also invite you to add the following lines to your > /etc/apt/sources.list file, and run "apt-get update && apt-get upgrade" > to make the security updates available. > > deb http://secure-testing.debian.net/debian-secure-testing > etch/security-updates main contrib non-free > deb-src http://secure-testing.debian.net/debian-secure-testing > etch/security-updates main contrib non-free > > It's possible that your GPG verification problem is related to your > attempt to use packages from stable, where it's not supported. > Hi, I think it may be even simpler. I'd suggest you run apt-get -oDebug::Acquire::Http=true update > /dev/null (directing standard output away so the debugging info is readable) I can produce the same thing here with testing/updates, and the problem is that apt begins with requesting the best-compressed file (Packages.bz2) and then goes down (Packages.gz and finally Packages), if the former can't be found. This seems to be the case here. My debug log reads: _____:~# apt-get -oDebug::Acquire::Http=true update >/dev/null [...] GET /dists/testing/updates/main/binary-i386/Packages.bz2 HTTP/1.1 Host: security.debian.org Connection: keep-alive If-Modified-Since: Thu, 30 Jun 2005 08:38:58 GMT User-Agent: Debian APT-HTTP/1.3 HTTP/1.1 404 Not Found Date: Wed, 19 Oct 2005 21:46:52 GMT Server: Apache/1.3.26 (Unix) Debian GNU/Linux PHP/4.1.2 Keep-Alive: timeout=15, max=98 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=iso-8859-1 GET /dists/testing/updates/main/binary-i386/Packages.gz HTTP/1.1 Host: security.debian.org Connection: keep-alive If-Modified-Since: Thu, 30 Jun 2005 08:38:58 GMT User-Agent: Debian APT-HTTP/1.3 HTTP/1.1 304 Not Modified Date: Wed, 19 Oct 2005 21:46:52 GMT Server: Apache/1.3.26 (Unix) Debian GNU/Linux PHP/4.1.2 Connection: Keep-Alive Keep-Alive: timeout=15, max=97 ETag: "6a5cc-14-42c3afa2" _____:~# => The .bz2 can't be found (and causes apt to print an Ign: line), > >>Ign http://security.debian.org stable/updates/main Packages but the .gz is there, and unmodified (causing a Hit: line). > >>Hit http://security.debian.org stable/updates/main Packages Regards, Jan -- Jan C. Nordholz <jckn At gmx net>
Attachment:
signature.asc
Description: Digital signature