apt 假装密钥不可用。事实并非如此

apt 假装密钥不可用。事实并非如此

我删除了 /var/lib/apt 和 /var/cache/apt,因为我遇到了 apt 的奇怪问题,无法摆脱。

现在我总是得到:

Get:1 http://security-cdn.debian.org buster/updates InRelease [65.4 kB]
Err:1 http://security-cdn.debian.org buster/updates InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AA8E81B4331F7F50 NO_PUBKEY 112695A0E562B32A
Reading package lists... Done
W: GPG error: http://security-cdn.debian.org buster/updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AA8E81B4331F7F50 NO_PUBKEY 112695A0E562B32A
E: The repository 'http://security.debian.org buster/updates InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

这显然不是事实。但是,好的,删除 /etc/apt/trusted.gpg 并重新开始:

# rm /etc/apt/trusted.gpg
# apt-key adv --keyserver pgp.mit.edu --recv-keys AA8E81B4331F7F50
Executing: /tmp/apt-key-gpghome.DwxpIbllfu/gpg.1.sh --keyserver pgp.mit.edu --recv-keys AA8E81B4331F7F50
gpg: key EDA0D2388AE22BA9: public key "Debian Security Archive Automatic Signing Key (9/stretch) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
# apt-key adv --keyserver pgp.mit.edu --recv-keys 112695A0E562B32A
Executing: /tmp/apt-key-gpghome.TFiPCm4ThF/gpg.1.sh --keyserver pgp.mit.edu --recv-keys 112695A0E562B32A
gpg: key 4DFAB270CAA96DFA: public key "Debian Security Archive Automatic Signing Key (10/buster) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
# apt-key list
/etc/apt/trusted.gpg
--------------------
pub   rsa4096 2017-05-22 [SC] [expires: 2025-05-20]
      6ED6 F5CB 5FA6 FB2F 460A  E88E EDA0 D238 8AE2 2BA9
uid           [ unknown] Debian Security Archive Automatic Signing Key (9/stretch) <[email protected]>
sub   rsa4096 2017-05-22 [S] [expires: 2025-05-20]

pub   rsa4096 2019-04-14 [SC] [expires: 2027-04-12]
      5E61 B217 265D A980 7A23  C5FF 4DFA B270 CAA9 6DFA
uid           [ unknown] Debian Security Archive Automatic Signing Key (10/buster) <[email protected]>
sub   rsa4096 2019-04-14 [S] [expires: 2027-04-12]

# apt update
Get:1 http://security-cdn.debian.org buster/updates InRelease [65.4 kB]
Err:1 http://security-cdn.debian.org buster/updates InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AA8E81B4331F7F50 NO_PUBKEY 112695A0E562B32A
Reading package lists... Done
W: GPG error: http://security-cdn.debian.org buster/updates InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AA8E81B4331F7F50 NO_PUBKEY 112695A0E562B32A
E: The repository 'http://security.debian.org buster/updates InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Apt 所传达的信息与事实相去甚远。这是在撒谎!怎么会这样?

附言:我应该说,在删除 /var/lib/apt 和 /var/apt/cache 之前,我创建了一个备份。当我将备份复制回来时,没有任何变化。所以似乎有其他问题。

PSS:我还删除了 /etc/apt、/var/lib/apt、/var/cache/apt,并通过“dpkg -i apt_1.8.2_amd64.deb”重新安装了 apt。所有目录都从头开始重新创建,但 apt update 仍然失败,并出现相同的错误!

答案1

一般来说,直接删除系统目录不是一个好主意。如果您需要清理某个软件包,最好先清除它,然后重新安装。您的系统可能处于只能手动修复的状态,但我会尝试提供可能最简单可行的解决方案。

要获取 Debian 的正确密钥,您应该清除然后重新安装该debian-archive-keyring软件包。此软件包在正确的位置提供了所有 Debian 存档密钥,并正确安装它们以apt供使用。这些密钥存在/etc/apt并且是正常运行所必需的。

相关内容