Debian 服务器警告 - 软件包无法验证

tag-icon tag-icon debian apt
Debian 服务器警告 - 软件包无法验证

尝试更新 Debian 服务器时,我收到以下警告:

WARNING: The following packages cannot be authenticated!
  e2fslibs e2fsprogs perl libperl5.20 perl-base perl-modules tar libapparmor1 libseccomp2 libsystemd0 libudev1 udev systemd ifupdown
  systemd-sysv libprocps3 procps libgpg-error0 libgcrypt20 libcomerr2 libss2 libssl-dev libssl1.0.0 git git-man libldap-common
  libldap-2.4-2 libcurl3-gnutls bash-completion libsqlite3-0 libfftw3-double3 libmagickwand-6.q16-2 libmagickcore-6.q16-2
  imagemagick-common curl libcurl3 libfastjson4 libglib2.0-0 liblognorm5 mysql-common libmysqlclient18 libpcap0.8 libpulse0 librbd1
  librados2 mosh rsyslog wget augeas-lenses ca-certificates-java dh-python htop libaugeas0 libcupsimage2 libcups2 libecj-java
  libglib2.0-data libnss-myhostname libtcnative-1 libtomcat8-java linux-libc-dev openssl python-pkg-resources python-pyinotify
  python3-pkg-resources shared-mime-info socat tmux tomcat8-common tomcat8
Install these packages without verification? [y/N] y
Get:1 http://ftp.fr.debian.org/debian/ jessie/main libboost-iostreams1.55.0 amd64 1.55.0+dfsg-3 [48.9 kB]
Get:2 http://ftp.debian.org/debian/ jessie-backports/main e2fslibs amd64 1.43.3-1~bpo8+1 [210 kB]
Get:3 http://ftp.fr.debian.org/debian/ jessie/main libboost-random1.55.0 amd64 1.55.0+dfsg-3 [30.3 kB]
Get:4 http://ftp.debian.org/debian/ jessie-backports/main e2fsprogs amd64 1.43.3-1~bpo8+1 [924 kB]
Get:5 http://ftp.debian.org/debian/ jessie-backports/main tar amd64 1.29b-1~bpo8+1 [752 kB]
Get:6 http://ftp.debian.org/debian/ jessie-backports/main libapparmor1 amd64 2.10.95-4~bpo8+2 [75.8 kB]

...etc

我看到没有使用 https。这是这里的问题吗?我该如何解决这个问题?

根据要求更新:

apt-key 列表:

/etc/apt/trusted.gpg
--------------------
pub   1024D/BA684223 2012-02-08 [expired: 2017-04-19]
uid                  isv:ownCloud OBS Project <isv:[email protected]>

pub   2048R/557BEFF9 2016-09-25 [expires: 2018-12-04]
uid                  isv:ownCloud OBS Project <isv:[email protected]>

pub   2048R/479BC94B 2013-08-26 [expires: 2018-08-25]
uid                  ownCloud build service <obsrun@localhost>
sub   2048R/8DE365D9 2013-08-26 [expires: 2018-08-25]
sub   2048D/86EB6027 2013-08-26 [expires: 2018-08-25]
sub   2048g/1722EF54 2013-08-26 [expires: 2018-08-25]

/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg
----------------------------------------------------------
pub   4096R/2B90D010 2014-11-21 [expires: 2022-11-19]
uid                  Debian Archive Automatic Signing Key (8/jessie) <[email protected]>

/etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg
-------------------------------------------------------------------
pub   4096R/C857C906 2014-11-21 [expires: 2022-11-19]
uid                  Debian Security Archive Automatic Signing Key (8/jessie) <[email protected]>

/etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg
-------------------------------------------------------
pub   4096R/518E17E1 2013-08-17 [expires: 2021-08-15]
uid                  Jessie Stable Release Key <[email protected]>

/etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg
-----------------------------------------------------------
pub   4096R/F66AEC98 2017-05-22 [expires: 2025-05-20]
uid                  Debian Archive Automatic Signing Key (9/stretch) <[email protected]>
sub   4096R/B7D453EC 2017-05-22 [expires: 2025-05-20]

/etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg
--------------------------------------------------------------------
pub   4096R/8AE22BA9 2017-05-22 [expires: 2025-05-20]
uid                  Debian Security Archive Automatic Signing Key (9/stretch) <[email protected]>
sub   4096R/331F7F50 2017-05-22 [expires: 2025-05-20]

/etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg
--------------------------------------------------------
pub   4096R/1A7B6500 2017-05-20 [expires: 2025-05-18]
uid                  Debian Stable Release Key (9/stretch) <[email protected]>

/etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg
----------------------------------------------------------
pub   4096R/46925553 2012-04-27 [expires: 2020-04-25]
uid                  Debian Archive Automatic Signing Key (7.0/wheezy) <[email protected]>

/etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg
-------------------------------------------------------
pub   4096R/65FFB764 2012-05-08 [expires: 2019-05-07]
uid                  Wheezy Stable Release Key <[email protected]>

答案1

我看到没有使用 https。这是这里的问题吗?

不,Debian 软件包使用签名哈希进行身份验证并且不要依赖运输的安全性。

我该如何解决这个问题?

与我最初评论的相反,您的apt(和apt-get,以及aptitude,它们都使用相同的密钥配置)使用适当的按键正确设置。这意味着该阶段发生了错误updateapt会抱怨在更新期间无法验证存储库索引。

您可以再试apt update一次;如果成功,一切都很好(除非您同时下载的软件包受到损害),否则该错误应该可以更好地提示正在发生的情况。

相关内容