无法向 Ubuntu 22.04 添加公钥

无法向 Ubuntu 22.04 添加公钥

我在尝试更新 ubuntu 时遇到错误。我尝试使用以下命令将错误中提到的密钥手动添加到我的系统中:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 871920D1991BC93C

但它没有做出任何改变,我仍然得到同样的错误。我也有点担心我的存储库。我觉得我这里漏掉了一些东西。

    sudo apt-get update
Hit:1 http://archive.canonical.com/ubuntu jammy InRelease
Get:2 http://archive.ubuntu.com/ubuntu jammy InRelease [270 kB]                                         
Hit:3 https://dl.winehq.org/wine-builds/ubuntu jammy InRelease                                          
Hit:4 https://repositories.intel.com/graphics/ubuntu focal InRelease                                    
Get:5 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [119 kB]                  
Get:6 http://archive.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Get:7 http://archive.ubuntu.com/ubuntu jammy-backports InRelease [107 kB]
Err:1 http://archive.canonical.com/ubuntu jammy InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Err:4 https://repositories.intel.com/graphics/ubuntu focal InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9B10C065DBB72B06
Err:2 http://archive.ubuntu.com/ubuntu jammy InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Hit:8 https://repositories.intel.com/graphics/ubuntu jammy InRelease
Err:5 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Err:6 http://archive.ubuntu.com/ubuntu jammy-security InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Err:7 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://archive.canonical.com/ubuntu jammy InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://repositories.intel.com/graphics/ubuntu focal InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9B10C065DBB72B06
W: GPG error: http://archive.ubuntu.com/ubuntu jammy InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy-updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-updates InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy-security InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-security InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://archive.ubuntu.com/ubuntu jammy-backports InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 871920D1991BC93C
E: The repository 'http://archive.ubuntu.com/ubuntu jammy-backports InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

这是我的来源列表输出,我认为它不应该是正确的,因为我自己更改了它。22.04 的默认输出让我遇到了很多麻烦,所以我决定回溯一点时间:

# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://archive.ubuntu.com/ubuntu/ focal main restricted
deb-src http://archive.ubuntu.com/ubuntu/ focal main restricted

## Major bug fix updates produced after the final release of the
## distribution.
deb http://archive.ubuntu.com/ubuntu/ focal-updates main restricted
deb-src http://archive.ubuntu.com/ubuntu/ focal-updates main restricted

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://archive.ubuntu.com/ubuntu/ focal universe
deb-src http://archive.ubuntu.com/ubuntu/ focal universe
deb http://archive.ubuntu.com/ubuntu/ focal-updates universe
deb-src http://archive.ubuntu.com/ubuntu/ focal-updates universe

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu 
## team, and may not be under a free licence. Please satisfy yourself as to 
## your rights to use the software. Also, please note that software in 
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://archive.ubuntu.com/ubuntu/ focal multiverse
deb-src http://archive.ubuntu.com/ubuntu/ focal multiverse
deb http://archive.ubuntu.com/ubuntu/ focal-updates multiverse
deb-src http://archive.ubuntu.com/ubuntu/ focal-updates multiverse

## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb http://archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse
deb-src http://archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse

## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
# deb http://archive.canonical.com/ubuntu focal partner
# deb-src http://archive

以下是所有更改之后 sudo apt-get update 的输出:

sudo apt-get update
Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease
Hit:2 http://archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:3 http://archive.ubuntu.com/ubuntu focal-backports InRelease
Reading package lists... Done
W: http://archive.ubuntu.com/ubuntu/dists/focal/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://archive.ubuntu.com/ubuntu/dists/focal-updates/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://archive.ubuntu.com/ubuntu/dists/focal-backports/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.

我仍然有问题

答案1

在 Ubuntu 22.04 中,密钥处理方式发生了很多变化apt。也就是说,apt-key弃用了密钥管理,转而采用每个存储库的直接密钥环管理。

我将假设您的主/etc/apt/sources.list文件专门指向ubuntu.lafibre.info非标准镜像的所有内容。

目前唯一正确的方法是将主密钥环密钥下载到其中之一/etc/apt/keyrings/,然后将它们逐个添加到存储库设置中,或者将它们添加/etc/apt/trusted.gpg.d任何事物使用该密钥签名将受到信任:

gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 871920D1991BC93C
gpg --export 871920D1991BC93C | sudo tee /etc/apt/trusted.gpg.d/ubuntu.lafibre.info.gpg

这将首先将密钥下载到您的标准gnupg密钥环。然后我们获取该密钥并将其以可读格式导出到文件中,/etc/apt/trusted.gpg.d/ubuntu.lafibre.info.gpg当您运行 时,该文件应该可以工作sudo apt update

运行sudo apt update它现在就可以工作了。

注意:如果您这样做,则表示您信任 PGP / GPG 密钥来签署任何存储库,因此这不是最安全的方法。更安全的方法是下载此密钥,然后将/etc/apt/keyrings/ubuntu.lafibre.info.gpg使用此 URL 的每一行更改为deb [ signed-by=/etc/apt/keyrings/ubuntu.lafibre.info.gpg ]开头的 而不是deb,这是更安全的方法。

相关内容