[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: apt-get invalid signature again

On Sat, Jan 28, 2006 at 10:15:33AM -0800, Ross Boylan wrote:
> Starting last night I see
> W: GPG error: http://localhost sarge/updates Release: The following signatures were invalid: BADSIG F1D53D8C4F368D5D Debian Archive Automatic Signing Key (2005) <ftpmaster@debian.org>
> Anyone know what's up?  I don't see messages about this latest
> occurrence.
> I'm a little frustrated how frequently this seems to happen; all these
> false positives (I'm assuming that's what the latest is) undercut the
> value of the security system.
	apt-get install debian-archive-keyring

	apt-key update

and you should be OK. You may also want to look at the Debian Secure-APT
HOWTO on the Debian wiki at wiki.debian.org

As somebody said, this is because you haven't got the 2006 key
installed. This should only happen once a year or so: the fact
that secure apt was only really introduced in September/October
means that we've seemingly hit teething problems twice in six months :)



> I'm using apt-cacher, with sarge/updates pointing to
> deb http://localhost:3142/security.debian.org/ sarge/updates main contrib non-free
> -- 
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: