[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: signature invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006)

Well... It certainly looks like I've got it installed...

However, the version that's available from the "etch" mirrors (and installed on my machine) doesn't seem to be the same as that on the website that Mathieu mentions. Is it just that it hasn't migrated to "testing" from "unstable" yet? Will all this clear itself up when it gets migrated?

In the mean time, why have things signed by it been allowed to get into the "testing" archive?

rick@macswell:~$ aptitude show debian-archive-keyring
Package: debian-archive-keyring
State: installed
Automatically installed: no
Version: 2006.01.18
Priority: important
Section: misc
Maintainer: Michael Vogt <mvo@debian.org>
Uncompressed Size: 53.2k
Depends: gnupg (>= 1.0.6-4)
Description: GnuPG archive keys of the Debian archive
The Debian project digitally signs its Release files. This package contains the
archive keys used for that.


On Dec 2, 2006, at 8:04 PM, Mathieu Malaterre wrote:

Have you tried installing:



On 12/2/06, Rick Thomas <rbthomas55@pobox.com> wrote:

Does anybody know why I'm getting this message when I do "aptitude

> W: GPG error: http://mirrors.usc.edu etch Release: The following
> signatures were invalid: BADSIG 010908312D230C5F Debian Archive
> Automatic Signing Key (2006) <ftpmaster@debian.org>

A couple of days ago, I was getting the same message, but from
debian.lcs.mit.edu, instead of mirrors.usc.edu.  Both sites are in my
sources.list file.

Reply to: