0

I get a lot of this errors when runnong apt-get update command

Ign http://archive.debian.org lenny/volatile/main Sources/DiffIndex
Ign http://archive.debian.org lenny/volatile/contrib Sources/DiffIndex
Ign http://archive.debian.org lenny/volatile/non-free Sources/DiffIndex
Hit http://archive.debian.org lenny/updates/main Packages
Hit http://archive.debian.org lenny/updates/contrib Packages
Hit http://archive.debian.org lenny/updates/non-free Packages
W: GPG error: http://archive.debian.org lenny/updates Release: The following signatures were invalid: KEYEXPIRED 1356982504
W: GPG error: http://archive.debian.org lenny/volatile Release: The following signatures were invalid: KEYEXPIRED 1358963195
W: You may want to run apt-get update to correct these problems

Why can't I update? .. All this was done after running the upgrade command.

Here's my sources.list

deb http://archive.debian.org/debian/ lenny main contrib non-free
deb-src http://archive.debian.org/debian/ lenny main contrib non-free
deb http://archive.debian.org/debian-security lenny/updates main contrib non-fre
e
deb-src http://archive.debian.org/debian-security lenny/updates main contrib non
-free
deb http://archive.debian.org/debian-volatile lenny/volatile main contrib non-fr
ee
deb-src http://archive.debian.org/debian-volatile lenny/volatile main contrib no
n-free

All this with Debian GNU/Linux 6.0

AAlvz
  • 365
  • 4
  • 7
  • 16
  • I don't see any actual error. Are you referring to the GPG warnings? – mgorven Feb 08 '13 at 19:45
  • @mgorven yes all those warnings and the fact that it suggest to run `update` to correct. But I keep getting al that.. – AAlvz Feb 08 '13 at 19:49
  • 2
    Debian 6.0 is not Lenny, Lenny is 5.0. The GPG signatures for the lenny archive are expired, and since the arch is EOL, checking GPG won't work, and will probably not be updated. You have to disable checks, if you wnat to still use lenny. – Zoredache Feb 08 '13 at 19:51
  • @Zoredache So the best I can do is update my sources.list to squeeze ? – AAlvz Feb 08 '13 at 20:03

2 Answers2

2

The key used to sign the archive probably got rotated. You need to update the package containing the archive keys:

sudo apt-get --allow-unauthenticated install debian-archive-keyring
mgorven
  • 30,036
  • 7
  • 76
  • 121
  • I don't think this will help. Lenny is end of life, and I don't believe the `debian-archive-keyring` has, or will be updated to reflect updated keys. – Zoredache Feb 08 '13 at 19:55
0

The problem was the Debian 6.0 and Lenny match. I just updated all to squeeze replacing the source.list with:

# main repo
deb http://ftp.debian.org/debian/ squeeze main
deb-src http://ftp.debian.org/debian/ squeeze main
deb http://security.debian.org/ squeeze/updates main
deb-src http://security.debian.org/ squeeze/updates main

And then upgraded.

It's all working better now.

AAlvz
  • 365
  • 4
  • 7
  • 16
  • You may want to consider tracking "stable" instead of "squeeze". Regardless, glad you resolved this. Be sure to [mark your answer "accepted"](http://meta.stackexchange.com/questions/5234/how-does-accepting-an-answer-work) when you are able. – jscott Feb 08 '13 at 21:10
  • @jscott, I don't really like using `stable`. If someone is asleep at the wheel when applying updates, they might do a release upgrade, when they only meant to apply security updates. – Zoredache Feb 08 '13 at 22:21
  • @Zoredache so is it better to keep `squeeze` rather than `stable` to have better control? – AAlvz Feb 09 '13 at 00:45