Aapt最近更新(在 Debian不稳定中)为 SHA1 签名的存储库生成警告消息。我认为您应该授予 SHA2 签名存储库特权,但我使用一些尚不提供 SHA2 签名的软件,并且我仍然希望能够使用一个命令升级我的计算机apt-get update && apt-get dist-upgrade
(该命令被 SHA1 警告消息停止)。
我想知道如何摆脱这个阻止警告消息?
警告消息是:The repository is insufficiently signed
来源.列表:
## Debian unstable - dépôts officiels
deb http://ftp.fr.debian.org/debian/ unstable main contrib non-free
deb-src http://ftp.fr.debian.org/debian/ unstable main contrib non-free
## Debian testing - dépôts officiels
deb http://ftp.fr.debian.org/debian/ testing main contrib non-free
deb http://security.debian.org/ testing/updates main contrib non-free
## Debian stable - dépôts officiels
deb http://ftp.fr.debian.org/debian/ stable main contrib non-free
deb http://ftp.fr.debian.org/debian/ stable-updates main contrib non-free
deb http://security.debian.org/ stable/updates main contrib non-free
#------
# samsung printer
deb http://www.bchemnet.com/suldr/ debian extra
# Deb-multimedia
deb http://www.deb-multimedia.org sid main non-free
# SpiderOakONE
deb http://apt.spideroak.com/debian/ stable non-free
阻止更新消息:
# apt-get update
Hit:1 http://ftp.fr.debian.org/debian unstable InRelease
Hit:2 http://www.deb-multimedia.org sid InRelease
Hit:3 http://ftp.fr.debian.org/debian testing InRelease
Hit:4 http://security.debian.org testing/updates InRelease
Ign:5 http://ftp.fr.debian.org/debian stable InRelease
Hit:6 http://security.debian.org stable/updates InRelease
Hit:7 http://ftp.fr.debian.org/debian stable-updates InRelease
Hit:8 http://ftp.fr.debian.org/debian stable Release
Ign:9 http://download.opensuse.org/repositories/home:/selmf/Debian_8.0 InRelease
Hit:10 http://www.bchemnet.com/suldr debian InRelease
Hit:11 http://download.opensuse.org/repositories/home:/selmf/Debian_8.0 Release
Ign:12 http://apt.spideroak.com/debian stable InRelease
Get:13 http://apt.spideroak.com/debian stable Release [1 025 B]
Get:15 http://apt.spideroak.com/debian stable Release.gpg [189 B]
Fetched 1 214 B in 0s (1 628 B/s)
Reading package lists... Done
W: gpgv:/var/lib/apt/lists/www.bchemnet.com_suldr_dists_debian_InRelease: The repository is insufficiently signed by key 52C1D92CE6FC35F636B045C3C95104E509BAC46D (weak digest)
W: gpgv:/var/lib/apt/lists/download.opensuse.org_repositories_home:_selmf_Debian%5f8.0_Release.gpg: The repository is insufficiently signed by key 69CD0BB29BCA799AB242B1723F3411BE43F8BC1F (weak digest)
W: gpgv:/var/lib/apt/lists/partial/apt.spideroak.com_debian_dists_stable_Release.gpg: The repository is insufficiently signed by key FE45E5330B11DCF03247EF49A6FF22FF08C15DD0 (weak digest)
W: Failed to fetch http://apt.spideroak.com/debian/dists/stable/Release No Hash entry in Release file /var/lib/apt/lists/partial/apt.spideroak.com_debian_dists_stable_Release, which is considered strong enough for security purposes
E: Some index files failed to download. They have been ignored, or old ones used instead.
答案1
该存储库使用 SHA1 哈希进行签名,APT 不再支持该哈希。
除了降级到稳定版本之外,我不知道如何解决这个问题。
答案2
该警告意味着存储库的符号不正确,您必须再次导入它们。
如果存储库有下载网址,请尝试以下操作:
wget -qO - http://deb.opera.com/archive.key | sudo apt-key add -
或者:
sudo apt-key adv --keyserver <keyserver.ubuntu.com> --recv-keys <key id>