I'm using 9.3 and apt. When I try to update kaffeine for example I get this message: APT system reports: E: Error(s) while checking package signatures: 0 unsigned package(s) 4 package(s) with unknown signatures 0 package(s) with illegal/corrupted signatures I am using the rpmkeys component. How can I fix this? Thanks, Jerome
On 5/16/05, Jerome Lyles <susemail@hawaii.rr.com> wrote:
I'm using 9.3 and apt. When I try to update kaffeine for example I get this message:
APT system reports: E: Error(s) while checking package signatures: 0 unsigned package(s) 4 package(s) with unknown signatures 0 package(s) with illegal/corrupted signatures
I am using the rpmkeys component. How can I fix this?
Thanks, Jerome
The fast fix is to use --no-checksig (look at man apt). If you use Synaptic, go to internal options, and there set the option GPG::Check to false and click apply. The longest is to try to find which rpmkey you are missing. Cheers Sunny
On Monday 16 May 2005 20.27, Sunny wrote:
On 5/16/05, Jerome Lyles <susemail@hawaii.rr.com> wrote:
I'm using 9.3 and apt. When I try to update kaffeine for example I get this message:
APT system reports: E: Error(s) while checking package signatures: 0 unsigned package(s) 4 package(s) with unknown signatures 0 package(s) with illegal/corrupted signatures
I am using the rpmkeys component. How can I fix this?
Thanks, Jerome
The fast fix is to use --no-checksig (look at man apt). If you use Synaptic, go to internal options, and there set the option GPG::Check to false and click apply.
The longest is to try to find which rpmkey you are missing.
Cheers Sunny
The biggest problem is the fact that a lot of the packages are either NOT signed, or that the key used isn't available on the servers When the package provider publish a signed package and forget to publish the key it is kind of impossible to find the key anywhere. Also if the package isn't signed to begin with (as a lot of them in the Xorg pile) the possibility of finding a matching key also is NIL. The solution "set the option GPG::Check to false" circumvents the idea of signing to begin with. Just my 2 cents... -- /Rikard " Sharing knowledge is the most fundamental act of friendship. Because it is a way you can give something without loosing something." -R. Stallman --------------------------------------------------------------- Rikard Johnels email : rikjoh@norweb.se Mob : +46 763 19 76 25 PGP : 0x461CEE56 ---------------------------------------------------------------
On 5/16/05, Rikard Johnels <rikjoh@norweb.se> wrote:
The biggest problem is the fact that a lot of the packages are either NOT signed, or that the key used isn't available on the servers
When the package provider publish a signed package and forget to publish the key it is kind of impossible to find the key anywhere. Also if the package isn't signed to begin with (as a lot of them in the Xorg pile) the possibility of finding a matching key also is NIL.
The solution "set the option GPG::Check to false" circumvents the idea of signing to begin with.
Just my 2 cents...
Accepted :) That's why I suggest using GPG::Check only when you know what you are doing. Otherwise, you can set this setting permanently in /etc/apt/apt.conf.d/gpg-checker.conf That was not my advice, because that way you increase the security risk. Usually I set manually GPG::Check to false only manually, only for one package, and only all other efforts does not provide results (i..e. the package is unsigned, or I can not find the key anywhere).
--
/Rikard
" Sharing knowledge is the most fundamental act of friendship. Because it is a way you can give something without loosing something." -R. Stallman
--------------------------------------------------------------- Rikard Johnels email : rikjoh@norweb.se Mob : +46 763 19 76 25 PGP : 0x461CEE56 ---------------------------------------------------------------
Cheers Sunny
On Monday 16 May 2005 08:27, Sunny wrote:
On 5/16/05, Jerome Lyles <susemail@hawaii.rr.com> wrote:
I'm using 9.3 and apt. When I try to update kaffeine for example I get this message:
APT system reports: E: Error(s) while checking package signatures: 0 unsigned package(s) 4 package(s) with unknown signatures 0 package(s) with illegal/corrupted signatures
I am using the rpmkeys component. How can I fix this?
Thanks, Jerome
The fast fix is to use --no-checksig (look at man apt). If you use Synaptic, go to internal options, and there set the option GPG::Check to false and click apply.
The longest is to try to find which rpmkey you are missing.
Cheers Sunny
Any suggestion on how to go about finding the missing keys? Thanks, Jerome
participants (4)
-
Jerome Lyles -
Rikard Johnels -
Sunny -
Susemail