Sunday, 8 January 2006

Public Key Missing in Apt

Just a quick blog about some key wierdness in the debian testing apt-get setup. Not sure where the exact problem stems from, but since the new year started, all debian updates are signed with the 2006 gpg key, which my testing systems did not seem to have. So you would end up with this error after doing an update:

Get:1 testing Release.gpg [378B]
Fetched 2810kB in 24s (114kB/s)
Reading package lists... Done
W: GPG error: testing Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 010908312D230C5F

The problem being that the public key at the end is not recognized. Looking at the key management utility for apt (apt-key) didn't show any simple way for it to download the correct key from the debian keyring, so I ended up having to use a bit of a kludge. These were the commands I had to run (as root):

gpg --keyserver --recv-key 2D230C5F
gpg --armor --export 2D230C5F | apt-key add -

The first line downloads the public key and adds it to the root user's list of public keys. The command exports this from the root user's keylist to apt-key. The cleanest way to do this would probably be to use wget to get the actual key from its appropriate location, then pipe it to apt-key (it would be a one liner too). However, that is clunkier to do since one has to look up the appropriate location of the key, etc. In the end, adding just one public key to root's keyring was no real deal.

Ah well, back to your regularly scheduled hacking ...

No comments:

Post a Comment