How do I fix a missing GPG key even though it should have been imported?

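I am changing the way Docker is installed on a bunch of machines, as pointed out here. It worked fine on one, but it behaves strangely on this one.

I have imported the key: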

sudo apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.uUGtmucAUd --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/atareao-telegram.gpg --keyring /etc/apt/trusted.gpg.d/neovim-ppa-unstable.gpg --keyring /etc/apt/trusted.gpg.d/nilarimogard-webupd8.gpg --keyring /etc/apt/trusted.gpg.d/ondrej-php-7_0.gpg --keyring /etc/apt/trusted.gpg.d/shutter-ppa.gpg --keyring /etc/apt/trusted.gpg.d/trustdb.gpg --keyring /etc/apt/trusted.gpg.d/trusted.gpg --keyring /etc/apt/trusted.gpg.d/vincent-c-ponysay.gpg --keyring /etc/apt/trusted.gpg.d/webupd8team-y-ppa-manager.gpg --keyring /etc/apt/trusted.gpg.d/xorg-edgers-ppa.gpg --keyserver hkp://pgp.mit.edu:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
gpg: requesting key 2C52609D from hkp server pgp.mit.edu
gpg: [don't know]: invalid packet (ctb=01)
gpg: keydb_get_keyblock failed: eof
gpg: key 2C52609D: public key "Docker Release Tool (releasedocker) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

But sudo apt-get update still fails because of a missing key:

w: GPG error: https://apt.dockerproject.org ubuntu-trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F76221572C52609D

What am I missing?

I also tried the answer currently given, but after deleting the trusted.gpg file, I cannot add the key:

root@fluttershy:/etc/apt# rm trusted.gpg
root@fluttershy:/etc/apt# apt-key update
gpg: [don't know]: invalid packet (ctb=01)
gpg: keydb_get_keyblock failed: eof
gpg: key 437D05B5: public key "Ubuntu Archive Automatic Signing Key <[email protected]>" imported
gpg: [don't know]: invalid packet (ctb=01)
gpg: keydb_get_keyblock failed: eof
gpg: key FBB75451: public key "Ubuntu CD Image Automatic Signing Key <[email protected]>" imported
gpg: [don't know]: invalid packet (ctb=01)
gpg: keydb_get_keyblock failed: eof
gpg: key C0B21F32: public key "Ubuntu Archive Automatic Signing Key (2012) <[email protected]>" imported
gpg: [don't know]: invalid packet (ctb=01)
gpg: keydb_get_keyblock failed: eof
gpg: key EFE21092: public key "Ubuntu CD Image Automatic Signing Key (2012) <[email protected]>" imported
gpg: Total number processed: 4
gpg:               imported: 4  (RSA: 2)
root@fluttershy:/etc/apt#

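Answer 1

gpg reports the errors invalid packet (ctb=01) / keydb_get_keyblock failed: eof. This usually means that your GPG keyring is corrupted. The quickest way to fix this is to delete it, or to restore it from a backup.

Here are some commands for your convenience:

  • List all keys currently in the APT keyring: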

    apt-key list
    
  • To restore trusted.gpg from APT's automatic backup:

    cp /etc/apt/trusted.gpg{~,}
    
  • To delete trusted.gpg and recreate it with the Ubuntu archive's keys:

    rm /etc/apt/trusted.gpg
    apt-key update
    

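In all the commands I used /etc/apt/trusted.gpg, but note that there may be other keyrings in /etc/apt/trusted.gpg.d/.

APT uses all keyrings at the same time, as you can see by inspecting the output: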

Executing: gpg [...] \
  --keyring /etc/apt/trusted.gpg \
  --primary-keyring /etc/apt/trusted.gpg \
  --keyring /etc/apt/trusted.gpg.d/atareao-telegram.gpg \
  --keyring /etc/apt/trusted.gpg.d/neovim-ppa-unstable.gpg \
  --keyring /etc/apt/trusted.gpg.d/nilarimogard-webupd8.gpg \
  [...]

One corrupted keyring upsets GPG, and none of the keyrings (even the good ones) are trusted any more. As a result, none of the keys are considered.
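
To find which keyring file is the damaged one before deleting anything, the following added example (not part of the original answer) walks the OpenPGP packet headers of each file and reports the first fault. The names check_keyring and scan_keyrings are this example's own, and it assumes binary (non-armored) keyrings like the ones in the gpg command line above; ctb is the first byte of a packet header, which must have bit 7 set.

```sh
#!/bin/sh
# Added example, not from the answers: walk the OpenPGP packet headers of a binary keyring.
# check_keyring FILE prints "ok", "empty" or the first fault; returns 1 on a fault.
check_keyring() {
    f=$1; off=0; size=$(($(wc -c < "$f")))
    [ "$size" -gt 0 ] || { echo "empty"; return 0; }
    while [ "$off" -lt "$size" ]; do
        # First 6 bytes at $off as decimals: header byte (ctb) plus up to 5 length bytes.
        set -- $(od -An -tu1 -j "$off" -N 6 "$f")
        ctb=$1; a=${2:-0}; b=${3:-0}; c=${4:-0}; d=${5:-0}; e=${6:-0}
        if [ "$ctb" -lt 128 ]; then            # bit 7 clear: not a packet header
            printf 'invalid packet (ctb=%02x) at offset %d\n' "$ctb" "$off"; return 1
        elif [ "$ctb" -ge 192 ]; then          # new-format header
            if   [ "$a" -lt 192 ]; then hdr=2; len=$a
            elif [ "$a" -lt 224 ]; then hdr=3; len=$(( (a - 192) * 256 + b + 192 ))
            elif [ "$a" -eq 255 ]; then hdr=6; len=$(( ((b * 256 + c) * 256 + d) * 256 + e ))
            else echo "partial-length packet at offset $off"; return 1
            fi
        else                                   # old-format header, length type in bits 1-0
            case $((ctb & 3)) in
                0) hdr=2; len=$a ;;
                1) hdr=3; len=$(( a * 256 + b )) ;;
                2) hdr=5; len=$(( ((a * 256 + b) * 256 + c) * 256 + d )) ;;
                3) hdr=1; len=$(( size - off - 1 )) ;;   # indeterminate: runs to end of file
            esac
        fi
        off=$(( off + hdr + len ))
    done
    [ "$off" -eq "$size" ] || { echo "truncated packet (eof)"; return 1; }
    echo "ok"
}

# scan_keyrings FILE...: one "path: status" line per existing file; returns 1 if any is bad.
scan_keyrings() {
    bad=0
    for k in "$@"; do
        [ -f "$k" ] || continue
        printf '%s: ' "$k"; check_keyring "$k" || bad=1
    done
    return "$bad"
}

# With arguments, scan those files; otherwise run on two constructed samples (not real keys).
if [ "$#" -gt 0 ]; then
    scan_keyrings "$@"
else
    tmp=$(mktemp -d)
    printf '\230\001\004' > "$tmp/good.gpg"    # one well-formed 3-byte packet
    printf '\001\002\003' > "$tmp/bad.gpg"     # first byte 0x01, as in the error above
    scan_keyrings "$tmp"/*.gpg || true
    rm -rf "$tmp"
fi
```

Pass /etc/apt/trusted.gpg and /etc/apt/trusted.gpg.d/*.gpg as arguments to check the real keyrings. Only headers and lengths are checked, so a file reported as ok can still have damaged packet bodies.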

Answer 2

Specifically, for the Docker key 58118E89F3A912897C070ADBF76221572C52609D, add it from this keyserver:

sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
