LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian
User Name
Password
Debian This forum is for the discussion of Debian Linux.

Notices

Reply
 
Search this Thread
Old 02-19-2006, 11:06 PM   #1
vharishankar
Senior Member
 
Registered: Dec 2003
Posts: 3,142
Blog Entries: 4

Rep: Reputation: 121Reputation: 121
APT: GPG error - how to import public keys


I know this is not really a serious issue, but I'd still like to avoid this issue:
Quote:
W: GPG error: http://mirror.pacific.net.au testing Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 010908312D230C5F
W: GPG error: http://repos.knio.it testing Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY CBE5831435A92053
W: GPG error: http://secure-testing.debian.net etch/security-updates Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 946AA6E18722E71E
W: GPG error: ftp://ftp.nerim.net etch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 07DC563D1F41B907
W: GPG error: ftp://mirrors.kernel.org testing Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 010908312D230C5F
From where do I download the public key to these packages for use in Synaptic and apt-get.

I have installed KGpg which should simplify the GPG part. However, I'd just like to know where these keys can be downloaded from and used for apt.
 
Old 02-19-2006, 11:11 PM   #2
HappyTux
Senior Member
 
Registered: Mar 2003
Location: Nova Scotia, Canada
Distribution: Debian AMD64
Posts: 3,513

Rep: Reputation: 64
Try this site http://wiki.debian.org/SecureApt
 
Old 02-19-2006, 11:17 PM   #3
vharishankar
Senior Member
 
Registered: Dec 2003
Posts: 3,142
Blog Entries: 4

Original Poster
Rep: Reputation: 121Reputation: 121
I have read that site before, I think you linked to it in another thread. Actually, what I don't understand is where to download the public keys for these repositories.

Also I use KGpg. So I don't need the exact commands, just the location where to download the key...

Sorry if I sound a bit vague, but that's what comes out of half-knowledge
 
Old 02-19-2006, 11:37 PM   #4
vharishankar
Senior Member
 
Registered: Dec 2003
Posts: 3,142
Blog Entries: 4

Original Poster
Rep: Reputation: 121Reputation: 121
I've successfully managed this for http://secure-testing.debian.net/ repository because I could find the key file.

The problem is to find the key file for each repository, not in the process. Any ideas?
 
Old 02-19-2006, 11:43 PM   #5
HappyTux
Senior Member
 
Registered: Mar 2003
Location: Nova Scotia, Canada
Distribution: Debian AMD64
Posts: 3,513

Rep: Reputation: 64
Quote:
Originally Posted by Harishankar
I have read that site before, I think you linked to it in another thread. Actually, what I don't understand is where to download the public keys for these repositories.

Also I use KGpg. So I don't need the exact commands, just the location where to download the key...

Sorry if I sound a bit vague, but that's what comes out of half-knowledge
For getting the keys you use gpg so for the first one you do not have try as root.

Code:
gpg --keyserver pgpkeys.mit.edu --recv-key 010908312D230C5F
Then again as root once you see it imported.

Code:
gpg -a --export 2D230C5F | sudo apt-key add -
Now repeat for each of the keys you need and hopefully all of them have been uploaded to a keyserver that the mit.edu mirrors on their keyserver. If not then most times if you put in the url of the repository you will find an archive.key or a file ending in .asc this would be the file you need then you would use gpg --import http://www.????.LLL/path/to/archive.key then use the --export to put it into the apt keyring you only need the last eight letters/numbers when exporting you can find these by using the gpg --list-keys and it will show you them.
 
Old 02-19-2006, 11:49 PM   #6
vharishankar
Senior Member
 
Registered: Dec 2003
Posts: 3,142
Blog Entries: 4

Original Poster
Rep: Reputation: 121Reputation: 121
I understand that part about import the key into GPG and then exporting it for use with apt-key. The problem is finding the .asc file for each repository... Is there any other way to "auto-detect" the public key file for each repository?
 
Old 02-20-2006, 12:00 AM   #7
vharishankar
Senior Member
 
Registered: Dec 2003
Posts: 3,142
Blog Entries: 4

Original Poster
Rep: Reputation: 121Reputation: 121
Actually if I can download the asc file, I don't even need to use gpg. I can directly use it with apt-key add.

The only problem is finding that file.
 
Old 02-20-2006, 12:07 AM   #8
vharishankar
Senior Member
 
Registered: Dec 2003
Posts: 3,142
Blog Entries: 4

Original Poster
Rep: Reputation: 121Reputation: 121
Yah, I successfully managed to import all the keys using the technique of searching for the key ID rather than the .asc file. I used KGpg anyway, since I didn't want to type in every command using gpg. It's actually very easy to use.

Thanks for pointing me in the right direction. Now all the errors regarding GPG no longer exist.
 
Old 02-20-2006, 12:08 AM   #9
vharishankar
Senior Member
 
Registered: Dec 2003
Posts: 3,142
Blog Entries: 4

Original Poster
Rep: Reputation: 121Reputation: 121
Earlier the importing from a key server wasn't working because of a firewall issue. I now allowed the firewall (guarddog) to connect to pgp key servers and it works fine. That was where the confusion lay.

Regards.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
rpm gpg public keys removal Infernal211283 Linux - Newbie 2 12-14-2005 11:58 AM
YUM requires public keys, how do I get public keys? GNUROCKS Linux - Newbie 3 05-29-2005 08:50 AM
gpg keys, and why i cant import them AnimaSola Linux - Software 3 04-17-2005 06:49 PM
YUM --import public.gpg.key Fredstar Linux - Newbie 8 03-25-2005 06:31 PM
Using GPG without public or private keys darin3200 Linux - Security 3 01-10-2005 03:40 AM


All times are GMT -5. The time now is 05:55 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration