RE: Problems with apt in a clean stretch install.
> On 04-07-17, Wayne Hartell wrote:
>> Hi all,
>>
>>
>>
>> I'm a Linux novice and have run into a problem with a clean Stretch
>> install and apt.
>>
>>
>>
>> I started tinkering with Debian late in the game with Wheezy and have
>> used Jessie pretty much without problem. After setting up some new
>> Stretch systems (amd64) I am running into issues when using apt.
>>
>>
>>
>> The first set of errors I get from apt when trying to run "update" are:
>>
>>
>>
>> W: http://ftp.iinet.net.au/debian/debian/dists/stretch-updates/InRelease:
>> The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file
>> is not readable by user '_apt' executing apt-key.
>>
>> W: http://ftp.iinet.net.au/debian/dists/stretch/Release.gpg: The
>> key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file is
>> not readable by user '_apt' executing apt-key.
>>
>> W:
>>
http://security.debian.org/debian-security/dists/stretch/updates/InRelease:
>> The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file
>> is not readable by user '_apt' executing apt-key.
>>
>>
>>
>> I managed to solve<?> this error after checking that the permissions
>> on /etc/apt/trusted.gpg were 0600 and edited them to be 0644. (Is this
>> the correct default permission for the file trusted.gpg?)
>>
>>
>>
>> After that, when I run apt-get update again, I get a list of errors
>> about errors occurring due to signature verification.
>>
>> e.g., "The repository is not updated and the previous index files will
>> be used. GPG error: http://ftp.iinet.net.au/debian/debian
>> stretch-updates
>> InRelease: The following signatures couldn't be verified because the
>> public key is not available: NO_PUBKEY <key>
>>
>>
>>
>> The above error is an abbreviated hand typed reproduction; not the
>> actual output. I can provide the full list of errors if it helps.
>>
>>
>>
>> In another thread I read something about ensuring that the
>> "debian-archive-keyring" is installed, and it is, version 2017.5.
>>
>>
>>
>> I just checked on second clean stretch install and it's the same
>> situation; same exact problems.
>>
>>
>>
>> I am wondering what I might be doing wrong?
>>
>>
>>
>> Regards,
>>
>> Wayne.
>
>Did you try to change mirror you use in your sources.list?
>
I did and it doesn't help (I get the same error with multiple different
sources).
GPG error: http://deb.debian.org/debian stretch-updates InRelease: The
following signatures couldn't be verified because the public key is not
available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010The
repository 'http://deb.debian.org/debian stretch-updates InRelease' is not
signed.Updating from such a repository can't be done securely, and is
therefore disabled by default.See apt-secure(8) manpage for repository
creation and user configuration details.
Notably, the keys (e.g., 8B48AD6246925553 and 7638D0442B90D010) ARE present
when I run 'apt-key list'.
When I search this forum for these keys (e.g., "8B48AD6246925553") I find
two threads with similar kinds of errors, but no solution on either. I'm
wondering whether I have fallen into some kind of crack perhaps.
I'm not sure why this is happening with all my fresh installs. I am
wondering whether the fact I used a local mirror (ftp.iinet.net.au) during
the install process has anything to do with it. I guess there is one way to
find out.
Another thing I'll mention that may or may not be relevant is that during
the installation I did not (and have not in the past) set up root, instead
preferring to use sudo.
I should also note that I read in another thread that Jimmy Johnson says:
"Also, if you used the live dvd it's screwing up apt gpg-keys and you will
not see updates until the keys are fixed. ", but I didn't install from the
live DVD, I installed from the regular non live DVD, so I don't think this
is relevant.
In the meantime I guess I can experiment with different install
settings/approaches, but I'd rather, of course, find a way to fix an already
installed system.
Cheers.
Reply to: