Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Issues prevent updates
#1
Attempts to do the first update after install (rc4) ends in failure. Is this a problem at my end? 
I have used various Debian-based Linux distros over the years, and usually apt or apt-get just works.
It looks like a problem at the repo end (I wouldn't be "signing" their repo, would I?) Is this just a matter of waiting?

sudo apt-get update
Hit:1 http://security.debian.org bookworm-security InRelease
Hit:2 http://deb.debian.org/debian bookworm-backports InRelease                                             
Hit:3 http://ftp.us.debian.org/debian bookworm-updates InRelease                                           
Get:4 http://la.mxrepo.com/antix/bookworm bookworm InRelease [27.4 kB]                 
Hit:5 http://ftp.de.debian.org/debian bookworm InRelease
Err:4 http://la.mxrepo.com/antix/bookworm bookworm InRelease
  The following signatures were invalid: EXPKEYSIG DB36CDF3452F0C20 antiX Linux repo <repo@antixlinux.com>
Reading package lists... Done
W: GPG error: http://la.mxrepo.com/antix/bookworm bookworm InRelease: The following signatures were invalid: EXPKEYSIG DB36CDF3452F0C20 antiX Linux repo <repo@antixlinux.com>
E: The repository 'http://la.mxrepo.com/antix/bookworm bookworm InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Reply
#2
There's a long thread here and a suggested solution (which I haven't tried) at the very end (page 7).

It's not clear to me who's to blame, if anyone. As you say, apt and apt-get usually just work. The worst that can happen is that apt will ignore the repo, so it's safe to proceed anyway.
Reply
#3
All that's happening here is that APT is doing some basic signature checking and refusing to update from an unsigned repository.

Note that, from your output:

Quote:E: The repository 'http://la.mxrepo.com/antix/bookworm bookworm InRelease' is not signed.


This would seem to suggest that the repository itself is not signed and you may need to tinker with the settings for apt. But you might just need to replace the key with a fresh copy.

Another potential possibility is that they have update their signing key and your install media has an out of date key.

I believe the message prefix signify the following: W - Warning, E - Error, and N - Note.

P.S.

Just did a little digging for the sake of curiosity:

InRelease package list with in-line GPG signing
Release package list without GPG signing, which means you'd need to also pickup the corresponding Release.gpg to do the signature check.'

https://unix.stackexchange.com/questions...e-refer-to
https://wiki.debian.org/DebianRepository/Format
Reply
#4
how about Expired GPG Key?
Reply


Forum Jump:


Users browsing this thread: 3 Guest(s)