Public key not available error
From MEPIS Documentation Wiki
Apt-get includes package authentication in order to improve security. You can still install non-authenticated packages, but if you want to take advantage of this feature do the following (note that not all the deb repositories implemented this feature, if you upgrade from such a repository you'll get a "packages could not be authenticated" warning).
Works for MEPIS 8, 8.5 and 11.
Enable the Community repositories, then install checkaptgpg with Synaptic. Then, when you get a warning about a public key not being available, run this application by clicking StartMenu > System > Check Apt GPG. Enter Y and then the root password. When it is finished, the window will disappear.
If you get a warning similar to this:
W: GPG error: ftp://ftp.nerim.net unstable Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 07DC563D1F41B907
Note the 16 character string of seemingly random numbers and letters? That is the public key, put that in place of <pubkey> in the instructions below.
- open konsole, type "su" and root password.
- gpg --keyserver keyserver.ubuntu.com --recv-keys <pubkey>
- gpg --armor --export <pubkey> | apt-key add -
- apt-get update
Keys may be on any of these servers as well:
1. If you get the following error when you try to add the key:
gpg: WARNING: unsafe ownership on configuration file `/home/username/.gnupg/gpg.conf'
Run this command in Konsole:
chown root:root ~/.gnupg/gpg.conf
2. If you are missing MEPIS key use this how-to: MEPIS key
You can use a script developed by Community members to do this task for you in the following way:
- Right-click the desktop Create New --> Text File, and name it gpgerror_fix
- Open the file and paste in the following:
#!/bin/sh # checkaptget - check the .gpg signed Release files for missing keys # Check if I am root for use later. if [ $(id -u) -ne 0 ]; then ROOT=0 else ROOT=1 fi # Will we need to be rerun as root? RERUN=0 # The location of the trusted keyring. APT_TRUSTED=/etc/apt/trusted.gpg # The location of the Release files. APT_LISTS=/var/lib/apt/lists # Get a list of repositories for which we have downloaded a Release file REPOSITORIES=`ls $APT_LISTS | grep Release$` # For each repository look for a matching Release.gpg signature for repo in $REPOSITORIES do echo Checking $repo RELEASE=$APT_LISTS/$repo GPG='' if [ -s $RELEASE.gpg ] then GPG=$RELEASE.gpg else if [ -s $APT_LISTS/partial/$repo.gpg ] then GPG=$APT_LISTS/partial/$repo.gpg else if [ -s $APT_LISTS/partial/$repo.gpg.reverify ] then GPG=$APT_LISTS/partial/$repo.gpg.reverify fi fi fi if [ $GPG ] then # We have found a Release.gpg signature ANSWER=`gpg -q --no-default-keyring --keyring $APT_TRUSTED --verify $GPG $RELEASE 2>&1` if [ $? -ne 0 ] then # GPG errored - # Assume that an ID was included in the error message in the form # ... ID <GPGID> ... IDFOUND=0 for xx in $ANSWER do if [ $IDFOUND -eq 0 ] then if [ "ID" = "$xx" ] then IDFOUND=1 fi else GPGKEY=$xx break fi done if [ $ROOT -eq 1 ]; then # We are root, so we can try to download the key. apt-key adv --keyserver hkp://subkeys.pgp.net --recv-key $GPGKEY # Assume it worked. else # We are not root, so output a message. echo " Missing GPG ID $GPGKEY" RERUN=1 fi else echo " Good GPG signature found." fi else echo " No GPG Release signature found." fi done if [ $RERUN -gt 0 ]; then echo echo "Rerun as root to download the missing keys." fi
- Save the file, then right-click it, click the Permissions tab, and check Is executable.
- Move the file to /usr/local/bin
- Now you can run the script by typing gpgerror_fix in a terminal, and it will check and fix all keys automatically.
- If you like, you can create a desktop link or menu entry for it; in the latter case, be sure to have it open in a terminal, and add "sleep 10" at the end of the script so you can see the results before it exits.