Mailinglist Archive: opensuse-buildservice (41 mails)

< Previous Next >
Re: [opensuse-buildservice] Invalid signatures on Debian repositories
On Sat, 09 Mar 2019 18:23:05 +0000
"R. Tyler Croy" <rtyler@xxxxxxxxxxx> wrote:


I've recently started pitching in to help maintain Apache:MirrorBrain and I
cannot figure out for the life of me why the Debian repos are signed with what
appears to be either an invalid key, or bad ciphers.

Running an `apt-get update` after adding the repo and the key found here
( results in the
following warning and an inability to install any packages:

W: GPG error:
Release: The following signatures were invalid:
E: The repository
Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore
disabled by default.

I'm a bit at a loss as to what I can do within the OBS portal or from the
command line to rectify this. I would appreciate pointers :)

The problem is your key is dsa1024; recent versions of apt and apt-get require
at least rsa2048.

Rosanne DiMesio <dimesio@xxxxxxxxx>
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >