1

On ubuntu 16.04, running sudo apt-get update reports several GPG errors. Such as,

W: GPG error: http://security.ubuntu.com/ubuntu xenial-security InRelease: At least one invalid signature was encountered.
W: The repository 'http://security.ubuntu.com/ubuntu xenial-security InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

A simple google search finds many such cases. Often the solution involves,

sudo apt-key adv --recv-keys --keyserver keys.gnupg.net <some magic hex value>

My main question is, how to get the "magic hex sequence" to solve my problems?

Update (May 17), I reinstalled many packages, all apt and lib and ubuntu-keyring. Nothing changed.

It would be nice to figure out how to fix this specific problem. I gave up. Did a fresh install to 18.04.

Timothy Prime
  • 9
  • 1
  • 6
  • 1
    This kind of solution (apt-key) should be needed only for external repositories. Ubuntu's own keys should come preloaded from Ubuntu's initial installation, and then be upgraded securely as needed. So there's something else going on. Perhaps you did something, after which it stopped working, you forgot to tell about? – A.B May 13 '18 at 16:28
  • "Did something" is an understatement. Cerbero trashed /usr/. I copied /usr/ from another similar system and now I am trying to cleanup. – Timothy Prime May 13 '18 at 16:51
  • So you must be missing (or having the wrong content for) any of these files /usr/share/keyrings/ubuntu-*.gpg , which are then symlinked to /etc/apt/trusted.gpg.d/ . you should download from a working Ubuntu system (using apt-get download for validation) ubuntu-archive-keyring , transfer it, force its reinstallation using dpkg -i, apt-get clean, apt-get update and hope for the best – A.B May 13 '18 at 16:59
  • or it could be any of the glue related to gpg needing such a repair – A.B May 13 '18 at 17:08

0 Answers0