Force update from unsigned repository Ubuntu 16.04
I using an unsigned repo in Ubuntu 16.04 from Debian multimedia
deb http://www.deb-multimedia.org jessie main
To install deb-multimedia-keyring I'm running
apt-get update && apt-get install deb-multimedia-keyring -y
This give an error
W: GPG error: http://www.deb-multimedia.org jessie InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5C808C2B65558117
E: The repository 'http://www.deb-multimedia.org jessie InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Thanks in advance
apt repository aptitude
add a comment |
I using an unsigned repo in Ubuntu 16.04 from Debian multimedia
deb http://www.deb-multimedia.org jessie main
To install deb-multimedia-keyring I'm running
apt-get update && apt-get install deb-multimedia-keyring -y
This give an error
W: GPG error: http://www.deb-multimedia.org jessie InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5C808C2B65558117
E: The repository 'http://www.deb-multimedia.org jessie InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Thanks in advance
apt repository aptitude
add a comment |
I using an unsigned repo in Ubuntu 16.04 from Debian multimedia
deb http://www.deb-multimedia.org jessie main
To install deb-multimedia-keyring I'm running
apt-get update && apt-get install deb-multimedia-keyring -y
This give an error
W: GPG error: http://www.deb-multimedia.org jessie InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5C808C2B65558117
E: The repository 'http://www.deb-multimedia.org jessie InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Thanks in advance
apt repository aptitude
I using an unsigned repo in Ubuntu 16.04 from Debian multimedia
deb http://www.deb-multimedia.org jessie main
To install deb-multimedia-keyring I'm running
apt-get update && apt-get install deb-multimedia-keyring -y
This give an error
W: GPG error: http://www.deb-multimedia.org jessie InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5C808C2B65558117
E: The repository 'http://www.deb-multimedia.org jessie InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Thanks in advance
apt repository aptitude
apt repository aptitude
asked Feb 13 '16 at 1:13
ShanShan
323136
323136
add a comment |
add a comment |
5 Answers
5
active
oldest
votes
You can bypass some important safeguards by using the following option:
--allow-unauthenticated
From the man pages for apt-get:
--allow-unauthenticated
Ignore if packages can't be authenticated and don't prompt about
it. This can be useful while working with local repositories, but
is a huge security risk if data authenticity isn't ensured in
another way by the user itself. The usage of the Trusted option for
sources.list(5) entries should usually be preferred over this
global override. Configuration Item:
APT::Get::AllowUnauthenticated.
But be a little cautious about using this option more widely, the safeguards are in place to protect your computer not limit your freedom...
I useRaspbian stretch
and get even with the optionE: The repository 'http://ftp.de.debian.org/debian testing InRelease' is not signed.
I want to upgrade from python 3.5. t 3.6.
– Timo
Apr 2 '18 at 12:59
told me that "this option can't be interpreted together with the other options"when executingsudo apt-get update --allow-unauthenticated
– Xerus
May 12 '18 at 22:45
12
NOTE: This no longer seems to work in Ubuntu 18.04 as of July 2018.
– Jay Taylor
Jul 9 '18 at 2:29
@JayTaylor: I have just opened a fresh Virtual Machine for 18.04 and the command functions here perfectly well. Pastebin here: pastebin.com/ygLTnP1C
– andrew.46
Jul 9 '18 at 6:20
1
Interesting; perhaps there might be something else different on the machine I tried it from behind the errors I observed. In any case, adding the[trusted=yes]
field to sources.list did work. Thanks for your diligence @andrew.46 :)
– Jay Taylor
Jul 9 '18 at 18:59
add a comment |
You can set options in your sources.list
:
deb [trusted=yes] http://www.deb-multimedia.org jessie main
The trusted option is what turns off the GPG check. See man 5 sources.list
for details.
Ps: source.list
is located at /etc/apt/sources.list
How do we access thesources.list
from the terminal?
– fuzzi
Nov 20 '18 at 15:40
It is located in/etc/apt/sources.list
. You can either edit it within the terminal with vim ( or whatever you prefer) or any non-terminal editor like gedit.
– Prathu Baronia
Nov 20 '18 at 22:48
add a comment |
Another generic solution would be
sudo apt-key adv --keyserver pgp.mit.edu --recv-keys 5C808C2B65558117
Note: I didn't test the solution with this repository but I did it with Skype repository and it worked just fine.
Another solution specific to your case is to install the keys
wget http://www.deb-multimedia.org/pool/main/d/deb-multimedia-keyring/deb-multimedia-keyring_2012.05.05_all.deb -O deb-multimedia-keyring.deb
sudo dpkg -i multimedia-keyring_all.deb
As described in the full walk through Here
add a comment |
If you are trying to get a package from a repository where they packaged the keys and include them within the repository and no where else, it can be very annoying to download and install the key/keyring package using dpkg, and very difficult to do so in an easily scriptable and repeatable manner.
The below script is not recommended if you can install the keys from a keyserver (as recommended in another answer using apt-key adv
) or if you can download them from a trusted source via https and install using apt-key (eg wget https://trusted.key.site/my-trusted-key.gpg | sudo apt-key add -
), but if you don't have ANY other way, you can use this.
echo "deb http://your.repo.domain/repository/ $(lsb_release -c -s) universe" | sudo tee /etc/apt/sources.list.d/your-repo-name.list
sudo apt -o Acquire::AllowInsecureRepositories=true
-o Acquire::AllowDowngradeToInsecureRepositories=true
update
## if the 'apt update' above fails it is likely due to previously
## having the GPG key and repository on the system, you can clean
## out the old lists with `sudo rm /var/lib/apt/lists/your.repo.domain*`
apt-get -o APT::Get::AllowUnauthenticated=true install repo-keyring-pkgname
## If you ever run `sudo apt-key del your-repos-keyID`
## you may have to `sudo apt remove --purge repo-keyring-pkgname`
## Update should run without the GPG warnings now that the key is installed
apt-get update
apt-get install somepkg-from-repo
I originally put this together because i3 in their sur5r repo does this, but then I found out their keys are in the keyserver.ubuntu.com list, so I can just sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E3CA1A89941C42E6
and avoid all the extra package hassles.
This answer seems incomplete when faced with Ubuntu 18.04 There it tries to annoy me by saying nasty things like... Release is not valid yet (invalid for another 44min 35s). Updates for this repository will not be applied.
Even after rm-ing the /var/lib/apt/lists/* things...
– Jürgen Weigert
Apr 25 '18 at 18:05
That is simply a mirror replication problem and shouldn't affect the authentication or signing of packages in the repositories. Since 1804 is just coming out of beta a lot of mirrors are trying to catch up and the mirroring service may point you to server that isn't fully in sync yet.
– dragon788
Apr 27 '18 at 1:24
add a comment |
You can get the PUBLIC_KEY from the keyserver and add it into apt-key. Assuming the keyserver is pgpkeys.mit.edu
, you first need to type in:
gpg --keyserver pgpkeys.mit.edu --recv-key KEY_IN_ERROR
gpg -a --export KEY_IN_ERROR | sudo apt-key add -
Replace the key KEY_IN_ERROR with the one in your error message, i.e. 5C808C2B65558117.
Also, if you are really interested in adding an unsigned repository, you can add the a flag in the desired repository entry in the sources.list like this:
deb [allow-insecure=yes] http://www.deb-multimedia.org jessie main
This is really useful if you want to fine tune your security settings for an individual entries.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f732985%2fforce-update-from-unsigned-repository-ubuntu-16-04%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
5 Answers
5
active
oldest
votes
5 Answers
5
active
oldest
votes
active
oldest
votes
active
oldest
votes
You can bypass some important safeguards by using the following option:
--allow-unauthenticated
From the man pages for apt-get:
--allow-unauthenticated
Ignore if packages can't be authenticated and don't prompt about
it. This can be useful while working with local repositories, but
is a huge security risk if data authenticity isn't ensured in
another way by the user itself. The usage of the Trusted option for
sources.list(5) entries should usually be preferred over this
global override. Configuration Item:
APT::Get::AllowUnauthenticated.
But be a little cautious about using this option more widely, the safeguards are in place to protect your computer not limit your freedom...
I useRaspbian stretch
and get even with the optionE: The repository 'http://ftp.de.debian.org/debian testing InRelease' is not signed.
I want to upgrade from python 3.5. t 3.6.
– Timo
Apr 2 '18 at 12:59
told me that "this option can't be interpreted together with the other options"when executingsudo apt-get update --allow-unauthenticated
– Xerus
May 12 '18 at 22:45
12
NOTE: This no longer seems to work in Ubuntu 18.04 as of July 2018.
– Jay Taylor
Jul 9 '18 at 2:29
@JayTaylor: I have just opened a fresh Virtual Machine for 18.04 and the command functions here perfectly well. Pastebin here: pastebin.com/ygLTnP1C
– andrew.46
Jul 9 '18 at 6:20
1
Interesting; perhaps there might be something else different on the machine I tried it from behind the errors I observed. In any case, adding the[trusted=yes]
field to sources.list did work. Thanks for your diligence @andrew.46 :)
– Jay Taylor
Jul 9 '18 at 18:59
add a comment |
You can bypass some important safeguards by using the following option:
--allow-unauthenticated
From the man pages for apt-get:
--allow-unauthenticated
Ignore if packages can't be authenticated and don't prompt about
it. This can be useful while working with local repositories, but
is a huge security risk if data authenticity isn't ensured in
another way by the user itself. The usage of the Trusted option for
sources.list(5) entries should usually be preferred over this
global override. Configuration Item:
APT::Get::AllowUnauthenticated.
But be a little cautious about using this option more widely, the safeguards are in place to protect your computer not limit your freedom...
I useRaspbian stretch
and get even with the optionE: The repository 'http://ftp.de.debian.org/debian testing InRelease' is not signed.
I want to upgrade from python 3.5. t 3.6.
– Timo
Apr 2 '18 at 12:59
told me that "this option can't be interpreted together with the other options"when executingsudo apt-get update --allow-unauthenticated
– Xerus
May 12 '18 at 22:45
12
NOTE: This no longer seems to work in Ubuntu 18.04 as of July 2018.
– Jay Taylor
Jul 9 '18 at 2:29
@JayTaylor: I have just opened a fresh Virtual Machine for 18.04 and the command functions here perfectly well. Pastebin here: pastebin.com/ygLTnP1C
– andrew.46
Jul 9 '18 at 6:20
1
Interesting; perhaps there might be something else different on the machine I tried it from behind the errors I observed. In any case, adding the[trusted=yes]
field to sources.list did work. Thanks for your diligence @andrew.46 :)
– Jay Taylor
Jul 9 '18 at 18:59
add a comment |
You can bypass some important safeguards by using the following option:
--allow-unauthenticated
From the man pages for apt-get:
--allow-unauthenticated
Ignore if packages can't be authenticated and don't prompt about
it. This can be useful while working with local repositories, but
is a huge security risk if data authenticity isn't ensured in
another way by the user itself. The usage of the Trusted option for
sources.list(5) entries should usually be preferred over this
global override. Configuration Item:
APT::Get::AllowUnauthenticated.
But be a little cautious about using this option more widely, the safeguards are in place to protect your computer not limit your freedom...
You can bypass some important safeguards by using the following option:
--allow-unauthenticated
From the man pages for apt-get:
--allow-unauthenticated
Ignore if packages can't be authenticated and don't prompt about
it. This can be useful while working with local repositories, but
is a huge security risk if data authenticity isn't ensured in
another way by the user itself. The usage of the Trusted option for
sources.list(5) entries should usually be preferred over this
global override. Configuration Item:
APT::Get::AllowUnauthenticated.
But be a little cautious about using this option more widely, the safeguards are in place to protect your computer not limit your freedom...
edited Feb 11 '18 at 7:54
answered Feb 13 '16 at 1:29
andrew.46andrew.46
21.4k1469147
21.4k1469147
I useRaspbian stretch
and get even with the optionE: The repository 'http://ftp.de.debian.org/debian testing InRelease' is not signed.
I want to upgrade from python 3.5. t 3.6.
– Timo
Apr 2 '18 at 12:59
told me that "this option can't be interpreted together with the other options"when executingsudo apt-get update --allow-unauthenticated
– Xerus
May 12 '18 at 22:45
12
NOTE: This no longer seems to work in Ubuntu 18.04 as of July 2018.
– Jay Taylor
Jul 9 '18 at 2:29
@JayTaylor: I have just opened a fresh Virtual Machine for 18.04 and the command functions here perfectly well. Pastebin here: pastebin.com/ygLTnP1C
– andrew.46
Jul 9 '18 at 6:20
1
Interesting; perhaps there might be something else different on the machine I tried it from behind the errors I observed. In any case, adding the[trusted=yes]
field to sources.list did work. Thanks for your diligence @andrew.46 :)
– Jay Taylor
Jul 9 '18 at 18:59
add a comment |
I useRaspbian stretch
and get even with the optionE: The repository 'http://ftp.de.debian.org/debian testing InRelease' is not signed.
I want to upgrade from python 3.5. t 3.6.
– Timo
Apr 2 '18 at 12:59
told me that "this option can't be interpreted together with the other options"when executingsudo apt-get update --allow-unauthenticated
– Xerus
May 12 '18 at 22:45
12
NOTE: This no longer seems to work in Ubuntu 18.04 as of July 2018.
– Jay Taylor
Jul 9 '18 at 2:29
@JayTaylor: I have just opened a fresh Virtual Machine for 18.04 and the command functions here perfectly well. Pastebin here: pastebin.com/ygLTnP1C
– andrew.46
Jul 9 '18 at 6:20
1
Interesting; perhaps there might be something else different on the machine I tried it from behind the errors I observed. In any case, adding the[trusted=yes]
field to sources.list did work. Thanks for your diligence @andrew.46 :)
– Jay Taylor
Jul 9 '18 at 18:59
I use
Raspbian stretch
and get even with the option E: The repository 'http://ftp.de.debian.org/debian testing InRelease' is not signed.
I want to upgrade from python 3.5. t 3.6.– Timo
Apr 2 '18 at 12:59
I use
Raspbian stretch
and get even with the option E: The repository 'http://ftp.de.debian.org/debian testing InRelease' is not signed.
I want to upgrade from python 3.5. t 3.6.– Timo
Apr 2 '18 at 12:59
told me that "this option can't be interpreted together with the other options"when executing
sudo apt-get update --allow-unauthenticated
– Xerus
May 12 '18 at 22:45
told me that "this option can't be interpreted together with the other options"when executing
sudo apt-get update --allow-unauthenticated
– Xerus
May 12 '18 at 22:45
12
12
NOTE: This no longer seems to work in Ubuntu 18.04 as of July 2018.
– Jay Taylor
Jul 9 '18 at 2:29
NOTE: This no longer seems to work in Ubuntu 18.04 as of July 2018.
– Jay Taylor
Jul 9 '18 at 2:29
@JayTaylor: I have just opened a fresh Virtual Machine for 18.04 and the command functions here perfectly well. Pastebin here: pastebin.com/ygLTnP1C
– andrew.46
Jul 9 '18 at 6:20
@JayTaylor: I have just opened a fresh Virtual Machine for 18.04 and the command functions here perfectly well. Pastebin here: pastebin.com/ygLTnP1C
– andrew.46
Jul 9 '18 at 6:20
1
1
Interesting; perhaps there might be something else different on the machine I tried it from behind the errors I observed. In any case, adding the
[trusted=yes]
field to sources.list did work. Thanks for your diligence @andrew.46 :)– Jay Taylor
Jul 9 '18 at 18:59
Interesting; perhaps there might be something else different on the machine I tried it from behind the errors I observed. In any case, adding the
[trusted=yes]
field to sources.list did work. Thanks for your diligence @andrew.46 :)– Jay Taylor
Jul 9 '18 at 18:59
add a comment |
You can set options in your sources.list
:
deb [trusted=yes] http://www.deb-multimedia.org jessie main
The trusted option is what turns off the GPG check. See man 5 sources.list
for details.
Ps: source.list
is located at /etc/apt/sources.list
How do we access thesources.list
from the terminal?
– fuzzi
Nov 20 '18 at 15:40
It is located in/etc/apt/sources.list
. You can either edit it within the terminal with vim ( or whatever you prefer) or any non-terminal editor like gedit.
– Prathu Baronia
Nov 20 '18 at 22:48
add a comment |
You can set options in your sources.list
:
deb [trusted=yes] http://www.deb-multimedia.org jessie main
The trusted option is what turns off the GPG check. See man 5 sources.list
for details.
Ps: source.list
is located at /etc/apt/sources.list
How do we access thesources.list
from the terminal?
– fuzzi
Nov 20 '18 at 15:40
It is located in/etc/apt/sources.list
. You can either edit it within the terminal with vim ( or whatever you prefer) or any non-terminal editor like gedit.
– Prathu Baronia
Nov 20 '18 at 22:48
add a comment |
You can set options in your sources.list
:
deb [trusted=yes] http://www.deb-multimedia.org jessie main
The trusted option is what turns off the GPG check. See man 5 sources.list
for details.
Ps: source.list
is located at /etc/apt/sources.list
You can set options in your sources.list
:
deb [trusted=yes] http://www.deb-multimedia.org jessie main
The trusted option is what turns off the GPG check. See man 5 sources.list
for details.
Ps: source.list
is located at /etc/apt/sources.list
edited Dec 22 '18 at 17:16
Tshilidzi Mudau
3,55831727
3,55831727
answered Jun 29 '18 at 20:17
Prathu BaroniaPrathu Baronia
548410
548410
How do we access thesources.list
from the terminal?
– fuzzi
Nov 20 '18 at 15:40
It is located in/etc/apt/sources.list
. You can either edit it within the terminal with vim ( or whatever you prefer) or any non-terminal editor like gedit.
– Prathu Baronia
Nov 20 '18 at 22:48
add a comment |
How do we access thesources.list
from the terminal?
– fuzzi
Nov 20 '18 at 15:40
It is located in/etc/apt/sources.list
. You can either edit it within the terminal with vim ( or whatever you prefer) or any non-terminal editor like gedit.
– Prathu Baronia
Nov 20 '18 at 22:48
How do we access the
sources.list
from the terminal?– fuzzi
Nov 20 '18 at 15:40
How do we access the
sources.list
from the terminal?– fuzzi
Nov 20 '18 at 15:40
It is located in
/etc/apt/sources.list
. You can either edit it within the terminal with vim ( or whatever you prefer) or any non-terminal editor like gedit.– Prathu Baronia
Nov 20 '18 at 22:48
It is located in
/etc/apt/sources.list
. You can either edit it within the terminal with vim ( or whatever you prefer) or any non-terminal editor like gedit.– Prathu Baronia
Nov 20 '18 at 22:48
add a comment |
Another generic solution would be
sudo apt-key adv --keyserver pgp.mit.edu --recv-keys 5C808C2B65558117
Note: I didn't test the solution with this repository but I did it with Skype repository and it worked just fine.
Another solution specific to your case is to install the keys
wget http://www.deb-multimedia.org/pool/main/d/deb-multimedia-keyring/deb-multimedia-keyring_2012.05.05_all.deb -O deb-multimedia-keyring.deb
sudo dpkg -i multimedia-keyring_all.deb
As described in the full walk through Here
add a comment |
Another generic solution would be
sudo apt-key adv --keyserver pgp.mit.edu --recv-keys 5C808C2B65558117
Note: I didn't test the solution with this repository but I did it with Skype repository and it worked just fine.
Another solution specific to your case is to install the keys
wget http://www.deb-multimedia.org/pool/main/d/deb-multimedia-keyring/deb-multimedia-keyring_2012.05.05_all.deb -O deb-multimedia-keyring.deb
sudo dpkg -i multimedia-keyring_all.deb
As described in the full walk through Here
add a comment |
Another generic solution would be
sudo apt-key adv --keyserver pgp.mit.edu --recv-keys 5C808C2B65558117
Note: I didn't test the solution with this repository but I did it with Skype repository and it worked just fine.
Another solution specific to your case is to install the keys
wget http://www.deb-multimedia.org/pool/main/d/deb-multimedia-keyring/deb-multimedia-keyring_2012.05.05_all.deb -O deb-multimedia-keyring.deb
sudo dpkg -i multimedia-keyring_all.deb
As described in the full walk through Here
Another generic solution would be
sudo apt-key adv --keyserver pgp.mit.edu --recv-keys 5C808C2B65558117
Note: I didn't test the solution with this repository but I did it with Skype repository and it worked just fine.
Another solution specific to your case is to install the keys
wget http://www.deb-multimedia.org/pool/main/d/deb-multimedia-keyring/deb-multimedia-keyring_2012.05.05_all.deb -O deb-multimedia-keyring.deb
sudo dpkg -i multimedia-keyring_all.deb
As described in the full walk through Here
answered Apr 6 '17 at 19:45
fady mohamed osmanfady mohamed osman
28934
28934
add a comment |
add a comment |
If you are trying to get a package from a repository where they packaged the keys and include them within the repository and no where else, it can be very annoying to download and install the key/keyring package using dpkg, and very difficult to do so in an easily scriptable and repeatable manner.
The below script is not recommended if you can install the keys from a keyserver (as recommended in another answer using apt-key adv
) or if you can download them from a trusted source via https and install using apt-key (eg wget https://trusted.key.site/my-trusted-key.gpg | sudo apt-key add -
), but if you don't have ANY other way, you can use this.
echo "deb http://your.repo.domain/repository/ $(lsb_release -c -s) universe" | sudo tee /etc/apt/sources.list.d/your-repo-name.list
sudo apt -o Acquire::AllowInsecureRepositories=true
-o Acquire::AllowDowngradeToInsecureRepositories=true
update
## if the 'apt update' above fails it is likely due to previously
## having the GPG key and repository on the system, you can clean
## out the old lists with `sudo rm /var/lib/apt/lists/your.repo.domain*`
apt-get -o APT::Get::AllowUnauthenticated=true install repo-keyring-pkgname
## If you ever run `sudo apt-key del your-repos-keyID`
## you may have to `sudo apt remove --purge repo-keyring-pkgname`
## Update should run without the GPG warnings now that the key is installed
apt-get update
apt-get install somepkg-from-repo
I originally put this together because i3 in their sur5r repo does this, but then I found out their keys are in the keyserver.ubuntu.com list, so I can just sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E3CA1A89941C42E6
and avoid all the extra package hassles.
This answer seems incomplete when faced with Ubuntu 18.04 There it tries to annoy me by saying nasty things like... Release is not valid yet (invalid for another 44min 35s). Updates for this repository will not be applied.
Even after rm-ing the /var/lib/apt/lists/* things...
– Jürgen Weigert
Apr 25 '18 at 18:05
That is simply a mirror replication problem and shouldn't affect the authentication or signing of packages in the repositories. Since 1804 is just coming out of beta a lot of mirrors are trying to catch up and the mirroring service may point you to server that isn't fully in sync yet.
– dragon788
Apr 27 '18 at 1:24
add a comment |
If you are trying to get a package from a repository where they packaged the keys and include them within the repository and no where else, it can be very annoying to download and install the key/keyring package using dpkg, and very difficult to do so in an easily scriptable and repeatable manner.
The below script is not recommended if you can install the keys from a keyserver (as recommended in another answer using apt-key adv
) or if you can download them from a trusted source via https and install using apt-key (eg wget https://trusted.key.site/my-trusted-key.gpg | sudo apt-key add -
), but if you don't have ANY other way, you can use this.
echo "deb http://your.repo.domain/repository/ $(lsb_release -c -s) universe" | sudo tee /etc/apt/sources.list.d/your-repo-name.list
sudo apt -o Acquire::AllowInsecureRepositories=true
-o Acquire::AllowDowngradeToInsecureRepositories=true
update
## if the 'apt update' above fails it is likely due to previously
## having the GPG key and repository on the system, you can clean
## out the old lists with `sudo rm /var/lib/apt/lists/your.repo.domain*`
apt-get -o APT::Get::AllowUnauthenticated=true install repo-keyring-pkgname
## If you ever run `sudo apt-key del your-repos-keyID`
## you may have to `sudo apt remove --purge repo-keyring-pkgname`
## Update should run without the GPG warnings now that the key is installed
apt-get update
apt-get install somepkg-from-repo
I originally put this together because i3 in their sur5r repo does this, but then I found out their keys are in the keyserver.ubuntu.com list, so I can just sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E3CA1A89941C42E6
and avoid all the extra package hassles.
This answer seems incomplete when faced with Ubuntu 18.04 There it tries to annoy me by saying nasty things like... Release is not valid yet (invalid for another 44min 35s). Updates for this repository will not be applied.
Even after rm-ing the /var/lib/apt/lists/* things...
– Jürgen Weigert
Apr 25 '18 at 18:05
That is simply a mirror replication problem and shouldn't affect the authentication or signing of packages in the repositories. Since 1804 is just coming out of beta a lot of mirrors are trying to catch up and the mirroring service may point you to server that isn't fully in sync yet.
– dragon788
Apr 27 '18 at 1:24
add a comment |
If you are trying to get a package from a repository where they packaged the keys and include them within the repository and no where else, it can be very annoying to download and install the key/keyring package using dpkg, and very difficult to do so in an easily scriptable and repeatable manner.
The below script is not recommended if you can install the keys from a keyserver (as recommended in another answer using apt-key adv
) or if you can download them from a trusted source via https and install using apt-key (eg wget https://trusted.key.site/my-trusted-key.gpg | sudo apt-key add -
), but if you don't have ANY other way, you can use this.
echo "deb http://your.repo.domain/repository/ $(lsb_release -c -s) universe" | sudo tee /etc/apt/sources.list.d/your-repo-name.list
sudo apt -o Acquire::AllowInsecureRepositories=true
-o Acquire::AllowDowngradeToInsecureRepositories=true
update
## if the 'apt update' above fails it is likely due to previously
## having the GPG key and repository on the system, you can clean
## out the old lists with `sudo rm /var/lib/apt/lists/your.repo.domain*`
apt-get -o APT::Get::AllowUnauthenticated=true install repo-keyring-pkgname
## If you ever run `sudo apt-key del your-repos-keyID`
## you may have to `sudo apt remove --purge repo-keyring-pkgname`
## Update should run without the GPG warnings now that the key is installed
apt-get update
apt-get install somepkg-from-repo
I originally put this together because i3 in their sur5r repo does this, but then I found out their keys are in the keyserver.ubuntu.com list, so I can just sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E3CA1A89941C42E6
and avoid all the extra package hassles.
If you are trying to get a package from a repository where they packaged the keys and include them within the repository and no where else, it can be very annoying to download and install the key/keyring package using dpkg, and very difficult to do so in an easily scriptable and repeatable manner.
The below script is not recommended if you can install the keys from a keyserver (as recommended in another answer using apt-key adv
) or if you can download them from a trusted source via https and install using apt-key (eg wget https://trusted.key.site/my-trusted-key.gpg | sudo apt-key add -
), but if you don't have ANY other way, you can use this.
echo "deb http://your.repo.domain/repository/ $(lsb_release -c -s) universe" | sudo tee /etc/apt/sources.list.d/your-repo-name.list
sudo apt -o Acquire::AllowInsecureRepositories=true
-o Acquire::AllowDowngradeToInsecureRepositories=true
update
## if the 'apt update' above fails it is likely due to previously
## having the GPG key and repository on the system, you can clean
## out the old lists with `sudo rm /var/lib/apt/lists/your.repo.domain*`
apt-get -o APT::Get::AllowUnauthenticated=true install repo-keyring-pkgname
## If you ever run `sudo apt-key del your-repos-keyID`
## you may have to `sudo apt remove --purge repo-keyring-pkgname`
## Update should run without the GPG warnings now that the key is installed
apt-get update
apt-get install somepkg-from-repo
I originally put this together because i3 in their sur5r repo does this, but then I found out their keys are in the keyserver.ubuntu.com list, so I can just sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E3CA1A89941C42E6
and avoid all the extra package hassles.
edited Nov 15 '17 at 17:08
derHugo
2,29021429
2,29021429
answered Sep 1 '17 at 20:10
dragon788dragon788
556211
556211
This answer seems incomplete when faced with Ubuntu 18.04 There it tries to annoy me by saying nasty things like... Release is not valid yet (invalid for another 44min 35s). Updates for this repository will not be applied.
Even after rm-ing the /var/lib/apt/lists/* things...
– Jürgen Weigert
Apr 25 '18 at 18:05
That is simply a mirror replication problem and shouldn't affect the authentication or signing of packages in the repositories. Since 1804 is just coming out of beta a lot of mirrors are trying to catch up and the mirroring service may point you to server that isn't fully in sync yet.
– dragon788
Apr 27 '18 at 1:24
add a comment |
This answer seems incomplete when faced with Ubuntu 18.04 There it tries to annoy me by saying nasty things like... Release is not valid yet (invalid for another 44min 35s). Updates for this repository will not be applied.
Even after rm-ing the /var/lib/apt/lists/* things...
– Jürgen Weigert
Apr 25 '18 at 18:05
That is simply a mirror replication problem and shouldn't affect the authentication or signing of packages in the repositories. Since 1804 is just coming out of beta a lot of mirrors are trying to catch up and the mirroring service may point you to server that isn't fully in sync yet.
– dragon788
Apr 27 '18 at 1:24
This answer seems incomplete when faced with Ubuntu 18.04 There it tries to annoy me by saying nasty things like
... Release is not valid yet (invalid for another 44min 35s). Updates for this repository will not be applied.
Even after rm-ing the /var/lib/apt/lists/* things...– Jürgen Weigert
Apr 25 '18 at 18:05
This answer seems incomplete when faced with Ubuntu 18.04 There it tries to annoy me by saying nasty things like
... Release is not valid yet (invalid for another 44min 35s). Updates for this repository will not be applied.
Even after rm-ing the /var/lib/apt/lists/* things...– Jürgen Weigert
Apr 25 '18 at 18:05
That is simply a mirror replication problem and shouldn't affect the authentication or signing of packages in the repositories. Since 1804 is just coming out of beta a lot of mirrors are trying to catch up and the mirroring service may point you to server that isn't fully in sync yet.
– dragon788
Apr 27 '18 at 1:24
That is simply a mirror replication problem and shouldn't affect the authentication or signing of packages in the repositories. Since 1804 is just coming out of beta a lot of mirrors are trying to catch up and the mirroring service may point you to server that isn't fully in sync yet.
– dragon788
Apr 27 '18 at 1:24
add a comment |
You can get the PUBLIC_KEY from the keyserver and add it into apt-key. Assuming the keyserver is pgpkeys.mit.edu
, you first need to type in:
gpg --keyserver pgpkeys.mit.edu --recv-key KEY_IN_ERROR
gpg -a --export KEY_IN_ERROR | sudo apt-key add -
Replace the key KEY_IN_ERROR with the one in your error message, i.e. 5C808C2B65558117.
Also, if you are really interested in adding an unsigned repository, you can add the a flag in the desired repository entry in the sources.list like this:
deb [allow-insecure=yes] http://www.deb-multimedia.org jessie main
This is really useful if you want to fine tune your security settings for an individual entries.
add a comment |
You can get the PUBLIC_KEY from the keyserver and add it into apt-key. Assuming the keyserver is pgpkeys.mit.edu
, you first need to type in:
gpg --keyserver pgpkeys.mit.edu --recv-key KEY_IN_ERROR
gpg -a --export KEY_IN_ERROR | sudo apt-key add -
Replace the key KEY_IN_ERROR with the one in your error message, i.e. 5C808C2B65558117.
Also, if you are really interested in adding an unsigned repository, you can add the a flag in the desired repository entry in the sources.list like this:
deb [allow-insecure=yes] http://www.deb-multimedia.org jessie main
This is really useful if you want to fine tune your security settings for an individual entries.
add a comment |
You can get the PUBLIC_KEY from the keyserver and add it into apt-key. Assuming the keyserver is pgpkeys.mit.edu
, you first need to type in:
gpg --keyserver pgpkeys.mit.edu --recv-key KEY_IN_ERROR
gpg -a --export KEY_IN_ERROR | sudo apt-key add -
Replace the key KEY_IN_ERROR with the one in your error message, i.e. 5C808C2B65558117.
Also, if you are really interested in adding an unsigned repository, you can add the a flag in the desired repository entry in the sources.list like this:
deb [allow-insecure=yes] http://www.deb-multimedia.org jessie main
This is really useful if you want to fine tune your security settings for an individual entries.
You can get the PUBLIC_KEY from the keyserver and add it into apt-key. Assuming the keyserver is pgpkeys.mit.edu
, you first need to type in:
gpg --keyserver pgpkeys.mit.edu --recv-key KEY_IN_ERROR
gpg -a --export KEY_IN_ERROR | sudo apt-key add -
Replace the key KEY_IN_ERROR with the one in your error message, i.e. 5C808C2B65558117.
Also, if you are really interested in adding an unsigned repository, you can add the a flag in the desired repository entry in the sources.list like this:
deb [allow-insecure=yes] http://www.deb-multimedia.org jessie main
This is really useful if you want to fine tune your security settings for an individual entries.
edited May 6 '18 at 11:17
answered May 4 '18 at 6:05
leonidasleonidas
212
212
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f732985%2fforce-update-from-unsigned-repository-ubuntu-16-04%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown