Not problems with apt-get recently, until just now.
Today I started out getting three "missing key" errors on
apt-get update (all three referencing A70DAF536070D3A1) and one "BADSIG" error (referencing 010908312D230C5F). So I addressed the missing key errors first:
Code:
# gpg --keyserver wwwkeys.eu.pgp.net --recv-keys A70DAF536070D3A1 && \
gpg --armor --export A70DAF536070D3A1 | apt-key add -
gpg: requesting key 6070D3A1 from hkp server wwwkeys.eu.pgp.net
gpg: key 6070D3A1: public key "Debian Archive Automatic Signing Key (4.0/etch) <ftpmaster@debian.org>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
OK
# apt-key list
/etc/apt/trusted.gpg
--------------------
pub 1024R/1DB114E0 2004-01-15 [expired: 2005-01-27]
uid Debian Archive Automatic Signing Key (2004) <ftpmaster@debian.org>
pub 1024D/4F368D5D 2005-01-31 [expired: 2006-01-31]
uid Debian Archive Automatic Signing Key (2005) <ftpmaster@debian.org>
pub 1024D/B5F5BBED 2005-04-24
uid Debian AMD64 Archive Key <debian-amd64@lists.debian.org>
sub 2048g/34FC6FE5 2005-04-24
pub 1024D/2D230C5F 2006-01-03 [expires: 2007-02-07]
uid Debian Archive Automatic Signing Key (2006) <ftpmaster@debian.org>
pub 1024D/1F41B907 1999-10-03
uid Christian Marillat <marillat@debian.org>
uid Christian Marillat <marillat@free.fr>
sub 1536g/C28DCC42 1999-10-03
sub 1024D/5D3877A7 2002-08-26
pub 1024D/6070D3A1 2006-11-20 [expires: 2009-07-01]
uid Debian Archive Automatic Signing Key (4.0/etch) <ftpmaster@debian.org>
So it looks like it successfully added the "Debian(4.0/etch)" key.
Tried the apt-get again, the missing key errors were gone (expected), and I still had the following BADSIG error (totally expected at this point):
Quote:
W: GPG error: http://mirrors.kernel.org unstable Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) <ftpmaster@debian.org>
|
OK, the BADSIG error is still there as expected (although I don't know why it just popped up all of a sudden). You can see that key in the original "apt-key list" listing above. This key has been working for quite a while, so why the
BADSIG now?
Next I tried going after that BADSIG problem with a refresh-keys:
Code:
# gpg --keyserver wwwkeys.eu.pgp.net --refresh-keys && \
gpg --armor --export 010908312D230C5F | apt-key add -
gpg: refreshing 5 keys from hkp://wwwkeys.eu.pgp.net
gpg: requesting key 2D230C5F from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 1F41B907 from hkp server wwwkeys.eu.pgp.net
gpg: requesting key F0D6B1E0 from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 0A8AF5B8 from hkp server wwwkeys.eu.pgp.net
gpg: requesting key 6070D3A1 from hkp server wwwkeys.eu.pgp.net
gpg: key 2D230C5F: "Debian Archive Automatic Signing Key (2006) <ftpmaster@debian.org>" 6 new signatures
gpgkeys: key F6BB1E9367C95074EB956F2C6DF25AB50A8AF5B8 not found on keyserver
gpg: key 1F41B907: "Christian Marillat <marillat@debian.org>" 28 new signatures
gpg: key F0D6B1E0: "TrueCrypt Foundation <info@truecrypt-foundation.org>" 9 new signatures
gpg: key 6070D3A1: "Debian Archive Automatic Signing Key (4.0/etch) <ftpmaster@debian.org>" not changed
gpg: Total number processed: 4
gpg: unchanged: 1
gpg: new signatures: 43
gpg: no ultimately trusted keys found
OK
OK, so it appears to have added six new signatures to the "Debian(2006)" key.
Tried the apt-get again (this time expecting things to work), but encountered the same error. Tried it again (I know, usually a stupid thing to do!) and the error went away. Huh? Tried apt-get
again, and the BADSIG error is back.
What gives? Is there something I'm missing???
---
I'm getting these errors intermittantly. Here are three apt-get's in a row, done within seconds of each other, with nothing else in between. The first one succeeded,
the middle one failed, and then the third one succeeded!
Code:
# apt-get update
Ign file: debs/ Release.gpg
Ign file: debs/ Release
Ign file: debs/ Packages
Get:1 http://security.debian.org stable/updates Release.gpg [189B]
Get:2 http://ftp.debian.org unstable Release.gpg [378B]
Get:3 http://mirrors.kernel.org unstable Release.gpg [378B]
Get:4 http://ftp.us.debian.org unstable Release.gpg [378B]
Hit http://security.debian.org stable/updates Release
Hit http://ftp.debian.org unstable Release
Hit http://mirrors.kernel.org unstable Release
Hit http://ftp.us.debian.org unstable Release
Ign http://security.debian.org stable/updates/main Packages
Hit http://ftp.debian.org unstable/main Packages
Hit http://mirrors.kernel.org unstable/main Packages
Hit http://ftp.us.debian.org unstable/main Packages
Hit http://security.debian.org stable/updates/main Packages
Hit http://ftp.debian.org unstable/main Sources
Hit http://mirrors.kernel.org unstable/main Sources
Hit http://ftp.us.debian.org unstable/main Sources
Fetched 381B in 1s (342B/s)
Reading package lists... Done
# apt-get update
Ign file: debs/ Release.gpg
Ign file: debs/ Release
Ign file: debs/ Packages
Get:1 http://mirrors.kernel.org unstable Release.gpg [378B]
Get:2 http://ftp.debian.org unstable Release.gpg [378B]
Get:3 http://ftp.us.debian.org unstable Release.gpg [378B]
Get:4 http://security.debian.org stable/updates Release.gpg [189B]
Hit http://mirrors.kernel.org unstable Release
Ign http://mirrors.kernel.org unstable Release
Hit http://ftp.debian.org unstable Release
Hit http://ftp.us.debian.org unstable Release
Hit http://security.debian.org stable/updates Release
Hit http://mirrors.kernel.org unstable/main Packages
Hit http://ftp.debian.org unstable/main Packages
Hit http://ftp.us.debian.org unstable/main Packages
Ign http://security.debian.org stable/updates/main Packages
Hit http://mirrors.kernel.org unstable/main Sources
Hit http://ftp.debian.org unstable/main Sources
Hit http://ftp.us.debian.org unstable/main Sources
Hit http://security.debian.org stable/updates/main Packages
Fetched 381B in 0s (498B/s)
Reading package lists... Done
W: GPG error: http://mirrors.kernel.org unstable Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) <ftpmaster@debian.org>
W: You may want to run apt-get update to correct these problems
# apt-get update
Ign file: debs/ Release.gpg
Ign file: debs/ Release
Ign file: debs/ Packages
Get:1 http://mirrors.kernel.org unstable Release.gpg [378B]
Hit http://mirrors.kernel.org unstable Release
Get:2 http://ftp.us.debian.org unstable Release.gpg [378B]
Get:3 http://ftp.debian.org unstable Release.gpg [378B]
Get:4 http://security.debian.org stable/updates Release.gpg [189B]
Hit http://mirrors.kernel.org unstable/main Packages
Hit http://mirrors.kernel.org unstable/main Sources
Hit http://ftp.us.debian.org unstable Release
Hit http://ftp.debian.org unstable Release
Hit http://security.debian.org stable/updates Release
Hit http://ftp.us.debian.org unstable/main Packages
Hit http://ftp.debian.org unstable/main Packages
Ign http://security.debian.org stable/updates/main Packages
Hit http://ftp.us.debian.org unstable/main Sources
Hit http://ftp.debian.org unstable/main Sources
Hit http://security.debian.org stable/updates/main Packages
Fetched 381B in 1s (275B/s)
Reading package lists... Done