Usuários Debian ou Ubuntu, ou um de seus derivados, frequentemente encontram problema de chave ao realizar um "apt-get update", como abaixo:


root@musashi:DEBIAN# apt-get update
Get:1 http://dl.google.com stable Release.gpg [189 B]
Ign http://dl.google.com/linux/chrome/deb/ stable/main Translation-en
Hit http://ftp.de.debian.org squeeze Release.gpg
[... várias linhas suprimidas ...]
Hit ftp://debian.oregonstate.edu testing/main i386 Packages/DiffIndex
Hit ftp://debian.oregonstate.edu testing/contrib i386 Packages/DiffIndex
Hit ftp://debian.oregonstate.edu testing/non-free i386 Packages/DiffIndex
Fetched 5,197 B in 49s (104 B/s)
Reading package lists... Done

W: GPG error: http://deb.opera.com squeeze Release: The following signatures 
 couldn't be verified because the public key is not available: NO_PUBKEY F9A2F76A9D1A0061
W: GPG error: http://mirror.home-dn.net squeeze Release: The following signatures 
 couldn't be verified because the public key is not available: NO_PUBKEY 07DC563D1F41B907
W: GPG error: http://www.lamaresh.net squeeze Release: The following signatures 
 couldn't be verified because the public key is not available: NO_PUBKEY 905C75258D4B24D2
W: GPG error: http://mirror.home-dn.net testing Release: The following signatures 
 couldn't be verified because the public key is not available: NO_PUBKEY 07DC563D1F41B907
W: GPG error: http://www.debian-multimedia.org testing Release: The following signatures 
 couldn't be verified because the public key is not available: NO_PUBKEY 07DC563D1F41B907
W: GPG error: http://debian-multimedia.org squeeze Release: The following signatures 
 couldn't be verified because the public key is not available: NO_PUBKEY 07DC563D1F41B907

O erro de GPG mostrado é causado pela falta dessas chaves no sistema de controle do apt, o chamado chaveiro GPG (em geral localizado em "/etc/apt/trusted.gpg"). Essas chaves assinam os pacotes DEB instalados, garantido que os mesmos não foram modificados no repositório, evitando a instalação de "cavalos de tróia" e coisas de gênero (note que isso não garante a origem do pacote, por isso sempre use repositórios confiáveis).

Para corrigir, nada mais fácil que um scriptzinho, utilizando as chaves mostradas na saída de erro:


for key in F9A2F76A9D1A0061 07DC563D1F41B907 905C75258D4B24D2 \
  07DC563D1F41B907 07DC563D1F41B907 07DC563D1F41B907
   do 
   gpg --keyserver keyserver.ubuntu.com --recv $key | \ 
   gpg --export --armor | apt-key add -
done

A saída será algo como:


gpg: requesting key 1F41B907 from hkp server keyserver.ubuntu.com
gpg: key 1F41B907: "Christian Marillat " not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
OK

para cada chave. O próximo "apt-get update" já não apresentará os mesmos problemas.

=-=-=-=-=
Powered by Blogilo

Update 2022-08-29: trocado subkeys.pgp.net por keyserver.ubuntu.com uma vez que o primeiro parece estar fora do ar.

We use cookies

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.