11

I try to update Debian but I get the following error message:

% sudo aptitude update
Hit http://deb.debian.org/debian bullseye InRelease
Hit http://deb.debian.org/debian-security bullseye-security InRelease
Hit http://deb.debian.org/debian bullseye-updates InRelease
Get: 1 https://cli.github.com/packages stable InRelease [3917 B]
Hit http://packages.azlux.fr/debian buster InRelease
Hit https://fasttrack.debian.net/debian-fasttrack bullseye-fasttrack InRelease
Hit https://fasttrack.debian.net/debian-fasttrack bullseye-backports-staging InRelease
Err https://cli.github.com/packages stable InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 23F3D4EA75716059
Hit https://packages.cloud.google.com/apt kubernetes-xenial InRelease
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://cli.github.com/packages stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 23F3D4EA75716059
W: Failed to fetch https://cli.github.com/packages/dists/stable/InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 23F3D4EA75716059
W: Some index files failed to download. They have been ignored, or old ones used instead.

It seems related to the following line in my /etc/apt/sources.list.d/github-cli.list:

deb [arch=amd64 signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main

So, what to do to fix this signature error?

Improve this question

2 Answers 2

Reset to default
22

So, what to do to fix this signature error?

The public key expired on September 2nd, 2022. This provides instructions on how to install the new certificate:

curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \
&& sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null \
&& sudo apt update \
&& sudo apt install gh -y
Improve this answer
5
  • 1
    All commands executed without error. Still I was getting the same error: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 23F3D4EA75716059. After running sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 23F3D4EA75716059 the key import was successful
    – Johannes Linkels
    Commented Jan 31, 2023 at 14:04
  • @JohannesLinkels - Sounds like you have a different issue. I can confirm my answer resolves the problems on the destructions listed on the provided link. Verify the file was actually updated.
    – Ramhound
    Commented Jan 31, 2023 at 14:18
  • 1
    Well, I also did the key import before I carried out the sequence you posted. Without result. Only after executing your commands and a new key import the error disappeared. I cannot explain that. It is even the key identical to the one of the OP. The only difference is that I run Debian Buster, not Bullseye. I added this comment to aid other members. Not to point out that you were not correct.
    – Johannes Linkels
    Commented Feb 1, 2023 at 15:38
  • @JohannesLinkels - So the commands worked and resolved your problem?
    – Ramhound
    Commented Feb 1, 2023 at 15:56
  • 1
    Yes, without the commands the key addition had no effect. And after running the commands adding the key was successful. But I had to add the key after running the commands. Actually, I only wanted to add that. And I upvoted your answer.
    – Johannes Linkels
    Commented Feb 2, 2023 at 17:03
1

I had the same error and was able to fix this by updating the clock

sudo hwclock --hctosys

then

sudo apt update

If PC has been sleeping/hipernating it may cause the hardware clock to be unsynced (im on WSL2). This caused Linux to see an incorrect time, which was too early for updates from the more recent repository.

Improve this answer
0

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .