I tried the gpg calls before and again just a few minutes ago and they did not work. Andreas Doerr also did a similar attempt on a Squeeze system.
It seems to have something to do with attempting to verify a wheezy package on squeeze system. Dennis On Thu, 2013-02-21 at 18:38 -0600, Nick M. Daly wrote: > dww writes: > > > What did I need to do to not get the "signatures couldn't be verified" > > error? I doubt setting noauth=true is the best thing to do... > > > > W: GPG error: http://http.debian.net wheezy Release: The following > > signatures couldn't be verified because the public key is not > > available: NO_PUBKEY AED4B06F473041FA > > You're right, and I think I've figured it out. You need to add the > Wheezy package signing key to your keyring. You don't have the key, so > there's no way to authenticate packages signed by that key. It'll also > fail when package downloads are incomplete or corrupted, even when you > have the key: I'm not able to build images while connected to any > wireless network but my own, for that reason; the 16 MiB of package > lists never download correctly. > > The way I added that key to my keyring was: > > : gpg --keyserver subkeys.pgp.net --recv-keys AED4B06F473041FA > > : gpg -a --export AED4B06F473041FA | sudo apt-key add - > > This probably isn't the best way to do this, because I don't have a good > way of verifying that the key actually came from Debian (there's no good > trust-chain here). Adding this to the F-M README sounds like a good > idea. Explaining what it means sounds even better. > > Nick _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
