Updating gpg key
KEYSERVER='keys.gnupg.net' NO_PUBKEY_LEN="$" echo "NO_PUBKEY_LEN='$'" # for sanity or debugging # note following works because bash arrays have 0-based indices NO_PUBKEY_2ND_HALF_START=$(( NO_PUBKEY_LEN/2 )) echo "NO_PUBKEY_2ND_HALF_START='$'" # ditto NO_PUBKEY_2ND_HALF="$" echo "NO_PUBKEY_2ND_HALF='$'" # ditto for CMD in \ 'date' \ "gpg --keyserver $ --recv-keys $" \ 'date' \ "gpg -a --export $ | sudo apt-key add -" \ ; do echo -e "$" eval "$" done if the other solutions do not work. I was getting a similar error for a PPA repository on Ubuntu 18.04 and after trying various solutions on the internet for the last month, I just stumbled on the gpg-agent and killed it.
To determine if packages are authentic, pacman uses Gnu PG keys in a web of trust model. At least three of these Master Signing Keys are used to sign the Developer's and Trusted User's own keys. Each user also has a unique PGP key, which is generated when you configure pacman-key.
But sometimes you may encounter the following situation: a KEYEXPIRED message.root# apt-get update && apt-get upgrade Get:1 xenial-security In Release [94.5 k B]Hit:2 xenial In Release Get:3 xenial-updates In Release [95.7 k B]Hit:4 xenial-backports In Release Hit:5 https://packages.cisofy.com/community/lynis/deb stable In Release Get:6 xenial-updates/main amd64 Packages [373 k B]Ign:7 xenial In Release Get:8 xenial Release [2,309 B]Get:9 xenial [287 B]Get:10 xenial-updates/main i386 Packages [368 k B]Get:11 xenial-updates/universe amd64 Packages [319 k B]Get:12 xenial-updates/universe i386 Packages [316 k B]Err:9 xenial The following signatures were invalid: KEYEXPIRED 1471427554Fetched 1,566 k B in 0s (2,003 k B/s)Reading package lists…
The repository list is then using German mirror repositories by default.
With an expired key, the solution is simple: we need to download an updated key. Using the apt-key utility we can display all the known keys. Keep learning So you are interested in Linux security?
Join the Linux Security Expert training program, a practical and lab-based training ground.
You can change this option later if you decide to enable package verification.
If you want to remove or reset all the keys installed in your system, you can remove is not present and/or not trusted in the local pacman-key gpg database.