无法向Ubuntu22.04添加公钥
无法向Ubuntu22.04添加公钥
提问于 2023-03-12 23:18:51
我在尝试更新ubuntu时出错了。我试图手动将错误中提到的键添加到我的系统中,方法是:
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 871920D1991BC93C但是它不会做任何改变,我仍然会遇到同样的错误。我也有点担心我的存储库。我觉得我在这漏掉了什么。
sudo apt-get update
Hit:1 http://archive.canonical.com/ubuntu jammy InRelease
Get:2 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]
Hit:3 https://dl.winehq.org/wine-builds/ubuntu jammy InRelease
Hit:4 https://repositories.intel.com/graphics/ubuntu focal InRelease
Get:5 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [119 kB]
Get:6 http://archive.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:7 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [107 kB]
Err:1 http://archive.canonical.com/ubuntu jammy InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Err:4 https://repositories.intel.com/graphics/ubuntu focal InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9B10C065DBB72B06
Err:2 http://archive.ubuntu.com/ubuntu jammy InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Hit:8 https://repositories.intel.com/graphics/ubuntu jammy InRelease
Err:5 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Err:6 http://archive.ubuntu.com/ubuntu jammy-security InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Err:7 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://archive.canonical.com/ubuntu jammy InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://repositories.intel.com/graphics/ubuntu focal InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9B10C065DBB72B06
W: GPG error: http://archive.ubuntu.com/ubuntu jammy InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-updates InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-security InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy-backports InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-backports InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.这里是我的源代码列表输出,我认为它不应该正确,因为我自己更改了它。在22.04的默认版本中,我遇到了很大的麻烦,所以我决定回到时间上:
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://archive.ubuntu.com/ubuntu/ focal main restricted
deb-src http://archive.ubuntu.com/ubuntu/ focal main restricted
## Major bug fix updates produced after the final release of the
## distribution.
deb http://archive.ubuntu.com/ubuntu/ focal-updates main restricted
deb-src http://archive.ubuntu.com/ubuntu/ focal-updates main restricted
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://archive.ubuntu.com/ubuntu/ focal universe
deb-src http://archive.ubuntu.com/ubuntu/ focal universe
deb http://archive.ubuntu.com/ubuntu/ focal-updates universe
deb-src http://archive.ubuntu.com/ubuntu/ focal-updates universe
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://archive.ubuntu.com/ubuntu/ focal multiverse
deb-src http://archive.ubuntu.com/ubuntu/ focal multiverse
deb http://archive.ubuntu.com/ubuntu/ focal-updates multiverse
deb-src http://archive.ubuntu.com/ubuntu/ focal-updates multiverse
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb http://archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse
deb-src http://archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse
## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
# deb http://archive.canonical.com/ubuntu focal partner
# deb-src http://archive这是我在做了所有更改后的sudo after更新的输出:
sudo apt-get update
Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease
Hit:2 http://archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:3 http://archive.ubuntu.com/ubuntu focal-backports InRelease
Reading package lists... Done
W: http://archive.ubuntu.com/ubuntu/dists/focal/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://archive.ubuntu.com/ubuntu/dists/focal-updates/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://archive.ubuntu.com/ubuntu/dists/focal-backports/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.我还是有问题的
回答 1
Ask Ubuntu用户
发布于 2023-03-12 23:45:30
在Ubuntu22.04中,随着apt现在处理键的方式发生了很大变化。也就是说,不建议使用apt-key来支持对每个存储库的直接密钥环管理。
我将假设您的主/etc/apt/sources.list文件专门将所有内容指向ubuntu.lafibre.info,这不是一个标准镜像。
现在真正真正做到这一点的唯一方法是将主密钥下载到/etc/apt/keyrings/中,然后一个一个地添加到存储库的设置中,或者将它们添加到/etc/apt/trusted.gpg.d中,然后使用该密钥签名的任何内容都将被信任:
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 871920D1991BC93C
gpg --export 871920D1991BC93C | sudo tee /etc/apt/trusted.gpg.d/ubuntu.lafibre.info.gpg这将首先下载到标准gnupg密钥环的密钥。然后,我们将该键以可读的格式导出到/etc/apt/trusted.gpg.d/ubuntu.lafibre.info.gpg的文件中,当您运行sudo apt update时,该文件应该可以工作。
运行sudo apt update,它现在应该可以工作了。
NOTICE:如果这样做,您就会信任PGP / GPG密钥来对任何存储库进行签名,因此这不是最安全的方法。更安全的方法是将该密钥下载到 /etc/apt/keyrings/ubuntu.lafibre.info.gpg then,将使用该URL的每一行更改为 deb [ signed-by=/etc/apt/keyrings/ubuntu.lafibre.info.gpg ] at,而不是 deb**,这是一种更安全的方法。
页面原文内容由Ask Ubuntu提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://askubuntu.com/questions/1459005
复制相关文章
相似问题
腾讯云开发者
