Saturday, August 08, 2009

signature verification error while running aptitude install

If you're using ubuntu as your choice of linux distribution, and you like to add some unofficial repositories, you probably find some warnings when you run apt-get update command.

The warnings are probably like this

W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used.GPG error: stable Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A040830F7FAC5991
W: Failed to fetch
W: Some index files failed to download, they have been ignored, or old ones used instead.
W: You may want to run apt-get update to correct these problems

That's the warnings I got when I added google debian repository. There won't be anything bad about it, since we could still install the packages from that repositories. But, I we could get rid the warnings, that's would be a lot better. We could use gpg command to get the key.

Short Version

For you who don't want to read pointless explanations below, here's the short version

gpg --keyserver hkp:// --recv-keys A040830F7FAC5991
gpg --export --armor 7FAC5991 | sudo apt-key add -

Long Version

Here's the explained step. First we have to get the key from the key server.

gpg --keyserver hkp:// --recv-keys A040830F7FAC5991

The A040830F7FAC5991 is from the warning shown before. You might want to change it if you have different repository. For the google repository, you should get this as the output

gpg: requesting key 7FAC5991 from hkp server
gpg: key 7FAC5991: public key "Google, Inc. Linux Package Signing Key <>" imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: Total number processed: 1
gpg: imported: 1

After that, type

gpg --export --armor 7FAC5991 | sudo apt-key add -

Where the 7FAC5991 is from the output shown before.

After that you'll get OK as the output. You may run apt-get update again.

Oh, one more thing, I only tested this method in opera and google repositories

No comments: