> On 04-07-17, Wayne Hartell wrote: >> Hi all, >> >> >> >> I'm a Linux novice and have run into a problem with a clean Stretch >> install and apt. >> >> >> >> I started tinkering with Debian late in the game with Wheezy and have >> used Jessie pretty much without problem. After setting up some new >> Stretch systems (amd64) I am running into issues when using apt. >> >> >> >> The first set of errors I get from apt when trying to run "update" are: >> >> >> >> W: http://ftp.iinet.net.au/debian/debian/dists/stretch-updates/InRelease: >> The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file >> is not readable by user '_apt' executing apt-key. >> >> W: http://ftp.iinet.net.au/debian/dists/stretch/Release.gpg: The >> key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file is >> not readable by user '_apt' executing apt-key. >> >> W: >> http://security.debian.org/debian-security/dists/stretch/updates/InRelease: >> The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file >> is not readable by user '_apt' executing apt-key. >> >> >> >> I managed to solve<?> this error after checking that the permissions >> on /etc/apt/trusted.gpg were 0600 and edited them to be 0644. (Is this >> the correct default permission for the file trusted.gpg?) >> >> >> >> After that, when I run apt-get update again, I get a list of errors >> about errors occurring due to signature verification. >> >> e.g., "The repository is not updated and the previous index files will >> be used. GPG error: http://ftp.iinet.net.au/debian/debian >> stretch-updates >> InRelease: The following signatures couldn't be verified because the >> public key is not available: NO_PUBKEY <key> >> >> >> >> The above error is an abbreviated hand typed reproduction; not the >> actual output. I can provide the full list of errors if it helps. >> >> >> >> In another thread I read something about ensuring that the >> "debian-archive-keyring" is installed, and it is, version 2017.5. >> >> >> >> I just checked on second clean stretch install and it's the same >> situation; same exact problems. >> >> >> >> I am wondering what I might be doing wrong? >> >> >> >> Regards, >> >> Wayne. > >Did you try to change mirror you use in your sources.list? >
I did and it doesn't help (I get the same error with multiple different sources). GPG error: http://deb.debian.org/debian stretch-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010The repository 'http://deb.debian.org/debian stretch-updates InRelease' is not signed.Updating from such a repository can't be done securely, and is therefore disabled by default.See apt-secure(8) manpage for repository creation and user configuration details. Notably, the keys (e.g., 8B48AD6246925553 and 7638D0442B90D010) ARE present when I run 'apt-key list'. When I search this forum for these keys (e.g., "8B48AD6246925553") I find two threads with similar kinds of errors, but no solution on either. I'm wondering whether I have fallen into some kind of crack perhaps. I'm not sure why this is happening with all my fresh installs. I am wondering whether the fact I used a local mirror (ftp.iinet.net.au) during the install process has anything to do with it. I guess there is one way to find out. Another thing I'll mention that may or may not be relevant is that during the installation I did not (and have not in the past) set up root, instead preferring to use sudo. I should also note that I read in another thread that Jimmy Johnson says: "Also, if you used the live dvd it's screwing up apt gpg-keys and you will not see updates until the keys are fixed. ", but I didn't install from the live DVD, I installed from the regular non live DVD, so I don't think this is relevant. In the meantime I guess I can experiment with different install settings/approaches, but I'd rather, of course, find a way to fix an already installed system. Cheers.
