Reputation: 909
GPG error: http://archive.debian.org lenny/updates Release: The following signatures were invalid: KEYEXPIRED 1356982504
I am getting following error while update my source lists
$ sudo apt-get update
Reading package lists... Done
W: GPG error: http://archive.debian.org lenny/updates Release: The following signatures were invalid: KEYEXPIRED 1356982504
W: You may want to run apt-get update to correct these problems
How to resolve this issue?
Upvotes: 9
Views: 51958
Answers (5)
Reputation: 1628
One of the way to get around this when you're unable to upgrade to new system is to flag repos as trusted. by adding [trusted=yes] to /etc/apt/sources.list
deb [trusted=yes] http://archive.debian.org/debian jessie main
Upvotes: 0
Reputation: 2836
One way to resolve this issue is to, refresh GPG keys so that local keyrings can successfully verify the signatures
RUN apt-get update && apt-get install -y debian-archive-keyring && apt-get clean
Upvotes: 0
Reputation: 165
I had the same issue and I just change the system date
date --set 2008-01-01
then try to update
apt-get update
Upvotes: 12
Reputation: 372
At the end any of this answers solve my issue.
What I did is recheck for the latest available sources. In my case
###### Debian Main Repos
deb http://ftp.au.debian.org/debian/ wheezy main contrib non-free
deb-src http://ftp.au.debian.org/debian/ wheezy main contrib non-free
###### Debian Update Repos
deb http://security.debian.org/ wheezy/updates main contrib non-free
deb http://ftp.au.debian.org/debian/ wheezy-proposed-updates main contrib non-free
deb-src http://security.debian.org/ wheezy/updates main contrib non-free
deb-src http://ftp.au.debian.org/debian/ wheezy-proposed-updates main contrib non-free
I generate them using this website. https://debgen.simplylinux.ch/ Debian Source generator.
Then I update the keys in the repo.
apt-get install debian-keyring debian-archive-keyring
apt-key update
Then again try to update
apt-get update
That will probably fix the issue.
Fetched 67.5 kB in 2min 0s (560 B/s)
Reading package lists... Done
If you still problems with some keys follow the next steps per key.
You need to add the key manually from another server. In this case the missing key is 55BE302B
So you have to do:
gpg --keyserver pgpkeys.mit.edu --recv-key 55BE302B
gpg -a --export 55BE302B | sudo apt-key add -
It will import the key and then you add them to the sources.
root@XXX:~# gpg --keyserver pgpkeys.mit.edu --recv-key 55BE302B
gpg: requesting key 55BE302B from hkp server pgpkeys.mit.edu
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 55BE302B: public key "Debian Archive Automatic Signing Key (5.0/lenny) <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
root@XXX:~# gpg -a --export 55BE302B | sudo apt-key add -
OK
I hope this help anyone facing the same issue.
Upvotes: 9
Reputation: 1748
To find any expired repository keys and their IDs, use apt-key as follows:
apt-key list | grep expired
You will get a result similar to the following:
pub 4096R/BE1DB1F1 2011-03-29 [expired: 2014-03-28]
The key ID is the bit after the / i.e. BE1DB1F1 in this case.
To update the key, run
sudo apt-key adv --recv-keys --keyserver keys.gnupg.net BE1DB1F1
Upvotes: 15
Related Questions
- Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead
- How to fix "invalid signature when apt-get update" error?
- Debian 8 Jessie archive.debian.org GPG error KEYEXPIRED since 2022-11-19 (what now?)
- GPG error (EXPKEYSIG) while on apt update on Ubuntu
- NO_PUBKEY and KEYEXPIRED
- Linux Debian apt-get update ERROR / Atom missing GPG key
- Debian: gpg: error reading '[stdin]': General error
- GPG Error Updating Ubuntu/Debian Packages
- BAD signature from "Debian CD signing key <[email protected]>"
- Ubuntu 12.04 apt-get update GPG error