我无法更新我的 Kali Linux,当尝试执行时,apt-get update我收到以下错误消息:
# apt-get update
Get:1 http://kali.mirror.garr.it/mirrors/kali kali-rolling InRelease [30.5 kB]
Err:1 http://kali.mirror.garr.it/mirrors/kali kali-rolling InRelease
The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <[email protected]>
Reading package lists... Done
W: GPG error: http://kali.mirror.garr.it/mirrors/kali kali-rolling InRelease: The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <[email protected]>
E: The repository 'http://kali.mirror.garr.it/mirrors/kali kali-rolling InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
如果您需要我的内核版本:
# uname -a
4.13.0-kali1-amd64 #1 SMP Debian 4.13.10-1kali2 (2017-11-08) x86_64 GNU/Linux
我怎样才能解决这个问题?
答案1
添加 gpg 密钥:
gpg --keyserver keyserver.ubuntu.com --recv-key 7D8D0BF6
检查指纹:
gpg --fingerprint 7D8D0BF6
示例输出:
pub rsa4096 2012-03-05 [SC] [expires: 2021-02-03]
44C6 513A 8E4F B3D3 0875 F758 ED44 4FF0 7D8D 0BF6
uid [ unknown] Kali Linux Repository <[email protected]>
sub rsa4096 2012-03-05 [E] [expires: 2021-02-03]
然后 :
gpg -a --export 7D8D0BF6 | apt-key add -
apt update
更新:2018 年 2 月 8 日。
请注意,如果您有一段时间没有更新 Kali 安装(tsk2),您将收到有关存储库密钥已过期的 GPG 错误 (
ED444FF07D8D0BF6)。幸运的是,通过以 root 身份运行以下命令可以很快解决这个问题:
wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add
最简单的解决方案是检索最新的密钥并将其存储在 apt 可以找到它的地方:
sudo wget https://archive.kali.org/archive-key.asc -O /etc/apt/trusted.gpg.d/kali-archive-keyring.asc
答案2
使用以下命令下载 kali 软件包存储库的密钥:
wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add
然后运行更新。
答案3
这是内置的。如果您已经使用 Kali 的存储库,则无需从外部源获取它:
$ sudo apt install kali-archive-keyring
我正在使用一个将 Kali 添加到 Debian 基础的系统,所以我必须指定版本。您可以按如下方式检查:
$ apt policy kali-archive-keyring
Installed: 2015.2
Candidate: 2015.2
Version table:
2018.1 1
1 http://http.kali.org/kali kali-rolling/main amd64 Packages
1 http://http.kali.org/kali kali-rolling/main i386 Packages
*** 2015.2 100
100 /var/lib/dpkg/status
$ sudo apt install kali-archive-keyring/kali-rolling
这样,您不必盲目相信您正在导入正确的密钥以防止中间人攻击,因为新密钥是由存储库中的旧密钥签名的。
更新:这是一个/etc/apt/sources.list.d/kali.list和/etc/apt/preferences.d/kali-repos.pref,设计为辅助于另一个发行版(如 Debian),这将在将来避免这个问题。
如果您还没有此存储库,因此无法获取此更新,您有两种选择:
1:前往https://http.kali.org/kali/pool/main/k/kali-archive-keyring/,下载 .deb 文件,然后通过以下方式安装dpkg -i kali-archive-keyring*.deb
2:无论如何都通过存储库添加它(在添加它之前它是“不安全的”,尽管您至少在上一步中受到 HTTPS 下载的保护):
$ sudo apt update -oAcquire::AllowInsecureRepositories=true
$ sudo apt install kali-archive-keyring
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
kali-archive-keyring
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 7,008 B of archives.
After this operation, 17.4 kB of additional space will be used.
Do you want to continue? [Y/n]
WARNING: The following packages cannot be authenticated!
kali-archive-keyring
Install these packages without verification? [y/N] y
…
您现在已同步到此答案的第一部分。考虑使用我链接到的 kali.list 和 kali-repos.pref ,这样你就不会重复这个问题。
答案4
老问题,但搜索时的最佳结果ED444FF07D8D0BF6这里。
尝试使用微软的指示在适用于 Linux 的 Windows 子系统(WSL 或 WSL2)中手动安装 Kali 目前会遇到此问题。该页面上链接的 Kali 发行版是 2019.2,因此安装后签名就已经过时了。
这里的其他答案在这一点上看起来已经过时了,引用了旧的密钥环包。此时,正确的更新包/流程是:
wget https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2022.1_all.deb
sudo dpkg -i kali-archive-keyring_2022.1_all.deb