on Wed, Jan 04, 2006 at 12:25:15AM -0500, Joey Hess (joeyh@debian.org) wrote:
> Edward C. Jones wrote:
> > I am getting the following message from synaptic:
> >
> > W: GPG error: http://ftp.us.debian.org unstable Release: The following
> > signatures couldn't be verified because the public key is not available:
> > NO_PUBKEY 010908312D230C5F
> >
> > From what I have read, this is going to happen every January. What do I
> > do? Where in the Debian documentation is the procedure I need to use
> > documented?
>
> wget http://ftp-master.debian.org/ziyi_key_2006.asc -O - | sudo apt-key add -
In my case the following (pasting together a couple of shell
histories...) seemed to do the trick:
apt-get install debian-keyring
gpg --import /usr/share/keyrings/debian-keyring.gpg
gpg --armor --export 010908312D230C5F 07DC563D1F41B907 07DC563D1F41B907 |
apt-key add -
... modulo values of keys (those were the ones aptitude was bitching
about).
Any harm in exporting root's GPG keys into apt-key? I currently only
have four (Debian's autosign keys + a third-party archive) present.
> Secure apt is too young for us to have a well-defined procedure for
> dealing with this. Apparently they tried to do a two-step transition
> that would have allowed apt to download a new version of itself that
> knew about the new key before the old key expires, but the way it's been
> done so far has not worked due to a bug in apt.
Glad to see it's finally happening, nonetheless, and appreciate your
hints as always.
Peace.
--
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
America Trans Air (ATA) customer service sucks:
http://kmself.home.netcom.com/Rants/ata-sucks.html
Attachment:
signature.asc
Description: Digital signature