我正在尝试使用下载一些软件包二进制文件dget,但我不断收到“无公钥”错误。
dget http://deb.debian.org/debian/pool/main/g/gl-image-display/gl-image-display_0.10-2.dsc
返回输出
dget: retrieving http://deb.debian.org/debian/pool/main/g/gl-image-display/gl-image-display_0.10-2.dsc
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2243 100 2243 0 0 9080 0 --:--:-- --:--:-- --:--:-- 9080
dget: using existing gl-image-display_0.10.orig.tar.gz
dget: using existing gl-image-display_0.10-2.debian.tar.xz
dscverify: gl-image-display_0.10-2.dsc failed signature check:
gpg: WARNING: no command supplied. Trying to guess what you mean ...
gpg: Signature made Wed 06 Apr 2022 04:57:07 PM MDT
gpg: using RSA key B5E2FA190FDF9AFE218889CFACC7C2CF30941188
gpg: Can't check signature: No public key
Validation FAILED!!
我尝试使用配置变量DGET_VERIFY=no来禁用检查下载的源包的签名。 (看文档),但我仍然遇到同样的错误。
如何修复此错误或禁用验证检查?
答案1
手册页指示dget -u将禁用验证。我之前没有使用过dget,所以我不知道这个命令行选项是否与config变量具有相同的效果,但值得尝试。
答案2
从 Debian 的密钥服务器下载公钥,以便您可以对其进行验证:
$ gpg --keyserver keyring.debian.org \
> --recv-keys B5E2FA190FDF9AFE218889CFACC7C2CF30941188
gpg: key ED63B6125A1D1561: public key imported
gpg: Total number processed: 1
gpg: imported: 1
然后你可以dget那个包:
$ dget http://deb.debian.org/debian/pool/main/g/gl-image-display/gl-image-display_0.10-2.dsc
dget: retrieving http://deb.debian.org/debian/pool/main/g/gl-image-display/gl-image-display_0.10-2.dsc
dget: retrieving http://deb.debian.org/debian/pool/main/g/gl-image-display/gl-image-display_0.10.orig.tar.gz
dget: retrieving http://deb.debian.org/debian/pool/main/g/gl-image-display/gl-image-display_0.10-2.debian.tar.xz
gl-image-display_0.10-2.dsc:
Good signature found
validating gl-image-display_0.10.orig.tar.gz
validating gl-image-display_0.10-2.debian.tar.xz
All files validated successfully.
dpkg-source: info: extracting gl-image-display in gl-image-display-0.10
dpkg-source: info: unpacking gl-image-display_0.10.orig.tar.gz
dpkg-source: info: unpacking gl-image-display_0.10-2.debian.tar.xz