Introduction
This page lists various error messages related to package and repository authentication that I have encountered and how to fix them.
public key is not available: NO_PUBKEY 5C808C2B65558117
- Verify the error occurs as below:
penne# apt-get -qq update W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://install.pasta.net wheezy Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5C808C2B65558117 W: Failed to fetch http://install.pasta.net/multimedia-wheezy.penne/dists/wheezy/Release W: Some index files failed to download. They have been ignored, or old ones used instead. penne#
- Determine what version of the package is installed if any:
dpkg -l deb-multimedia-keyring
- Determine what version of the package is available in the repository. (Probably this means visiting the URL that is mentioned in /etc/apt/sources.list* and looking at what version is in the ‘pool’ directory or looking at what version is mentioned in the file ‘/dists/wheezy/main/binary-<port>/Packages.gz’).
- If the version installed is 2014.2 or newer, then you should not be seeing the error!
- If the version in the repository is older than 2014.2, then you should find a newer mirror!
- Attempt to upgrade the package (this will probably fail):
penne# apt-get upgrade deb-multimedia-keyring Reading package lists... Done Building dependency tree Reading state information... Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. penne#
- Attempt to remove and re-install the package (this will probably fail):
penne# apt-get --purge remove deb-multimedia-keyring Reading package lists... Done Building dependency tree Reading state information... Done The following packages will be REMOVED: deb-multimedia-keyring* 0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded. After this operation, 46.1 kB disk space will be freed. Do you want to continue [Y/n]? y (Reading database ... 56329 files and directories currently installed.) Removing deb-multimedia-keyring ... OK penne# apt-get install deb-multimedia-keyring Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: deb-multimedia-keyring 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 14.4 kB of archives. After this operation, 46.1 kB of additional disk space will be used. Err http://install.pasta.net/multimedia-wheezy.penne/ wheezy/main deb-multimedia-keyring all 2012.05.10-dmo4 404 Not Found Failed to fetch http://install.pasta.net/multimedia-wheezy.penne/pool/main/d/deb-multimedia-keyring/deb-multimedia-keyring_2012.05.10-dmo4_all.deb 404 Not Found E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing? penne#
(Why is it still looking for the old version of the package even though a newer one is available in the repositories that the system is configured to use? Because the package index for this repository has not been updated!)
- Force the update of the package index by discarding the old one:
penne# find /var/lib/apt/lists -type f -exec rm {} \; penne# apt-get -qq update W: GPG error: http://install.pasta.net wheezy Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5C808C2B65558117 penne#
(We’re still getting the same error displayed, but, this time, the package index has been updated!)
- Now it will be possible to install (or upgrade, if, earlier, you didn’t remove) the package:
penne# apt-get install deb-multimedia-keyring Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: deb-multimedia-keyring 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 27.7 kB of archives. After this operation, 74.8 kB of additional disk space will be used. WARNING: The following packages cannot be authenticated! deb-multimedia-keyring Install these packages without verification [y/N]? y Get:1 http://install.pasta.net/multimedia-wheezy.penne/ wheezy/main deb-multimedia-keyring all 2014.2 [27.7 kB] Fetched 27.7 kB in 0s (0 B/s) Selecting previously unselected package deb-multimedia-keyring. (Reading database ... 56324 files and directories currently installed.) Unpacking deb-multimedia-keyring (from .../deb-multimedia-keyring_2014.2_all.deb) ... Setting up deb-multimedia-keyring (2014.2) ... penne#
- And finally, an ‘apt-get update’ no longer complains:
penne# apt-get -qq update penne#
W: There is no public key available for the following key IDs: 9D6D8F6BC857C906
My suspicion is that this occurs because (1) the system was installed against an ISO image, (2) the system has since applied only security updates, (3) the key used to sign the Debian security repository has recently changed, (4) the package containing the updated key is not distributed via security updates so any system applying only security updates can no longer validate security updates!
- Verify that you are seeing one of the following errors:
alphabeti# apt-get update ... Fetched 888 kB in 1s (687 kB/s) Reading package lists... Done W: There is no public key available for the following key IDs: 9D6D8F6BC857C906 alphabeti#
or
alphabeti# apt-get dist-upgrade Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following packages have been kept back: libservice-wrapper-java libservice-wrapper-jni service-wrapper The following packages will be upgraded: linux-image-3.2.0-4-amd64 linux-libc-dev 0 upgraded, 0 newly installed, 0 to remove and 3 not upgraded. alphabeti#
- Run:
alphabeti# wget http://ftp2.de.debian.org/debian/pool/main/d/debian-archive-keyring/debian-archive-keyring_2014.3~deb7u1_all.deb alphabeti# dpkg -i *.deb alphabeti#
- Rerun the tests above to check the error has cleared.
[GNUPG:] NO_PUBKEY 40976EAF437D05B5
This error was encountered when trying to mirror Ubuntu using debmirror. The full error message was:
gpgv: Signature made Mon 02 May 2016 05:33:56 AM CEST using DSA key ID 437D05B5 [GNUPG:] ERRSIG 40976EAF437D05B5 17 10 00 1462160036 9 [GNUPG:] NO_PUBKEY 40976EAF437D05B5 gpgv: Can't check signature: public key not found gpgv: Signature made Mon 02 May 2016 05:33:56 AM CEST using RSA key ID C0B21F32 [GNUPG:] ERRSIG 3B4FE6ACC0B21F32 1 10 00 1462160036 9 [GNUPG:] NO_PUBKEY 3B4FE6ACC0B21F32 gpgv: Can't check signature: public key not found
- Run:
gpg --no-default-keyring --keyring ~/.gnupg/trustedkeys.gpg \ --keyserver sks-keyservers.net --recv 437D05B5