Error updating Kali

Question

I have recently installed Kali Linux But when I enter the apt update command, it gives the following error:

└─$ sudo apt update
Err:1 http://kali.download/kali kali-rolling InRelease
  403  Forbidden [IP: 104.17.253.239 80]
Err:2 http://kali.download/kali kali-experimental InRelease
  403  Forbidden [IP: 104.17.253.239 80]
Reading package lists... Done
E: Failed to fetch http://http.kali.org/kali/dists/kali-rolling/InRelease  403  Forbidden [IP: 104.17.253.239 80]
E: The repository 'http://http.kali.org/kali kali-rolling InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Failed to fetch http://http.kali.org/kali/dists/kali-experimental/InRelease  403  Forbidden [IP: 104.17.253.239 80]
E: The repository 'http://http.kali.org/kali kali-experimental InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
N: Repository 'Kali Linux' changed its 'firmware component' value from 'non-free' to 'non-free-firmware'
N: More information about this can be found online at: https://www.kali.org/blog/non-free-firmware-transition/

Does anyone know why?

cfultz · Accepted Answer · 2024-07-07 14:45:29Z

While the root cause of the IP address 403'ing appears to be an issue with the apt gpg keys missing or they have changed.

From the output:

E: The repository 'http://http.kali.org/kali kali-rolling InRelease' is not signed.

You can update the key using: wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add

There is another answer that could assist with this: How can I get past a “Repository is not signed…”

From that answer, you can try the following:

apt-get update --allow-unauthenticated

From the man page:

Ignore if packages can't be authenticated and don't prompt about it. This can be useful while working with local repositories, but is a huge security risk if data authenticity isn't ensured in another way by the user itself. The usage of the Trusted option for sources.list(5) entries should usually be preferred over this global override. Configuration Item: APT::Get::AllowUnauthenticated.

Another option is to set it as trusted in your /etc/apt/sources.list:

deb [trusted=yes] http://http.kali.org/kali kali-rolling InRelease but that should be used with caution just in case of a MitM attack.

Stack Exchange Network

Error updating Kali

1 Answer 1

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged
linux
debian
updates
kali-linux
apt
.

Linked

Hot Network Questions

Error updating Kali

1 Answer 1

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged linuxdebianupdateskali-linuxapt.

Linked

Related

Hot Network Questions

Not the answer you're looking for? Browse other questions tagged
linux
debian
updates
kali-linux
apt
.