Apt GPG error on fresh 2.2 install

[geir.helland@…]

On a fresh install of Zentyal 2.2 I get:

W: GPG error:  http://archive.zentyal.org 2.2 Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 76CB3C6D0D64EFEC W: GPG error:  http://ppa.launchpad.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E83F6EB10E239FF

I can install the last key with:

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E83F6EB10E239FF

, but the first key does not seem to be available on the keyserver:

root@zentyal-staging:~# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 76CB3C6D0D64EFEC Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys 76CB3C6D0D64EFEC gpg: requesting key 0D64EFEC from hkp server keyserver.ubuntu.com gpgkeys: key 76CB3C6D0D64EFEC not found on keyserver gpg: no valid OpenPGP data found. gpg: Total number processed: 0

Host information:

root@zentyal-staging:~# uname -a Linux zentyal-staging 2.6.32-34-server #77-Ubuntu SMP Tue Sep 13 20:54:38 UTC 2011 x86_64 GNU/Linux root@zentyal-staging:~# lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 10.04.3 LTS Release: 10.04 Codename: lucid

The error came after doing a full apt-get update/upgrade, so I suspect an upstream ubuntu package is responsible for your keys being removed/deleted.

Maybe you should make a new "zentyal-apt-keys" - package?

[jamor@…]

Hello Geir Helland and thanks for noticing this,

I can confirm that the commands now works correctly. Maybe it was a temporal glitch

Regards,

Javier

[jamor@…]

Command output:

jag@zapp:~/.VirtualBox/Machines$ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E83F6EB10E239FF 
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys 0E83F6EB10E239FF
gpg: requesting key 10E239FF from hkp server keyserver.ubuntu.com
gpg: key 10E239FF: "Launchpad Zentyal 2.0 series" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

[vernmcc@…]

I am having the same problem, and while the command jamor posted fixed the launchpad key error, I am still getting this error:

W: GPG error:  http://archive.zentyal.org 2.2 Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 76CB3C6D0D64EFEC

[k@…]

Still cant download the zentyal key.. Should I try a keyserver different than ubuntu?

[fabrizio.salmi@…]

Replying to jamor@…: you got it!

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E83F6EB10E239FF apt-get update apt-get upgrade

worked for ubuntu+zentyal upgrade from 2.0.1 to 2.0.22

Command output:

jag@zapp:~/.VirtualBox/Machines$ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E83F6EB10E239FF 
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys 0E83F6EB10E239FF
gpg: requesting key 10E239FF from hkp server keyserver.ubuntu.com
gpg: key 10E239FF: "Launchpad Zentyal 2.0 series" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

[aris@…]

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E83F6EB10E239FF

ok good..!!

[mustafa.zargar@…]

Do we have any certain solution for this or not? i mean i am still getting the following error while i try to fetch the key from ubuntu keyserver:

gpgkeys: key 0D64EFEC not found on keyserver gpg: no valid OpenPGP data found. gpg: Total number processed: 0

[jamor@…]

Hello Mustafa Zargar,

it works for me:

jag@zapp:/media/5876204f-615b-4d5a-bb1a-cbe7e82a7326/exchange$ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E83F6EB10E239FF
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys 0E83F6EB10E239FF
gpg: requesting key 10E239FF from hkp server keyserver.ubuntu.com
gpg: key 10E239FF: "Launchpad Zentyal 2.0 series" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

Are you using exactly the same command?.

[mustafa.zargar@…]

yes...thatz exactly what i do:

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 76CB3C6D0D64EFEC

Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys 76CB3C6D0D64EFEC gpg: requesting key 0D64EFEC from hkp server keyserver.ubuntu.com gpgkeys: key 76CB3C6D0D64EFEC not found on keyserver gpg: no valid OpenPGP data found. gpg: Total number processed: 0

[jamor@…]

Hello Musafa Zargar,

I think this is a network problem in your side.

In case you are behind a proxy, read this link  http://askubuntu.com/questions/23211/how-do-i-add-a-repository-from-behind-a-proxy

If not you should check that the connection to the server key is working.

Regards,

Javier

[rpark@…]

Hello,

I have the same problem. I was able to resolve one of the keys but the second is still causing trouble. Sorry for the posting here and on the forum but I was not getting a response back on the forum. Since this ticket was open and closed without resolution, I figure that it would be a good place to continue.

I've enter this command: apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 76CB3C6D0D64EFEC

and return this error: Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys 76CB3C6D0D64EFEC gpg: requesting key 0D64EFEC from hkp server keyserver.ubuntu.com gpgkeys: key 76CB3C6D0D64EFEC not found on keyserver gpg: no valid OpenPGP data found. gpg: Total number processed: 0

[jamor@…]

For  http://archive.zentyal.org/ , try downloading and manually importing it to your keyring.

 http://keys.zentyal.org/zentyal-2.2-archive.asc

Regards,

Javier

[justin@…]

I wget'd the key and added it with apt-key. Worked. Bizarre. Is the key in fact (supposed to be) hosted on keyserver.ubuntu.com?

[jb@…]

Replying to justin@…:

I wget'd the key and added it with apt-key. Worked. Bizarre. Is the key in fact (supposed to be) hosted on keyserver.ubuntu.com?

[jb@…]

The wget method doesnt work - I'm still getting NO_PUBKEY 76CB3C6D0D64EFEC

apt-key list shows these keys after import of  http://keys.zentyal.org/zentyal-2.2-archive.asc

pub 1024D/0D64EFEC 2011-10-03 uid Zentyal (Packages Archive) <it@…> sub 2048g/1601E1D8 2011-10-03

I try to setup a local mirror with debmirror and still getting these errors

gpgv: Signature made Mon Oct 3 04:43:12 2011 CEST using DSA key ID 0D64EFEC [GNUPG:] ERRSIG 76CB3C6D0D64EFEC 17 2 00 1317609792 9 [GNUPG:] NO_PUBKEY 76CB3C6D0D64EFEC gpgv: Can't check signature: public key not found Errors:

Release signature does not verify

Failed to download some Release or Release.gpg files! WARNING: releasing 1 pending lock...

There seems something wrong with the sub key

Regards,

Joerg

[djsilas@…]

Hi,

I have same issue :(

t# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 76CB3C6D0D64EFEC
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys 76CB3C6D0D64EFEC
gpg: requesting key 0D64EFEC from hkp server keyserver.ubuntu.com
gpgkeys: key 76CB3C6D0D64EFEC not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

Thanks for your help!

[jamor@…]

This is not the correct key for the 2.2 ppa.

The correct is:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 10E239FF 

You can see the key in 'technicals details' in the launchpad page:  https://launchpad.net/~zentyal/+archive/2.2

Regards,

Javier

[geir.helland@…]

Zentyal installs two custom apt-repositories:

deb blogsmap-says-no:/ppa.launchpad.net/zentyal/2.2/ubuntu lucid main
deb blogsmap-says-no:/archive.zentyal.org/zentyal 2.2 main

Its the archive.zentyal.org key that is missing, not the PPA key.

root@www:/etc/apt/sources.list.d# LC_ALL=C apt-get update
..                              
Hit blogsmap-says-no:/ppa.launchpad.net lucid Release.gpg                               
Hit blogsmap-says-no:/ppa.launchpad.net lucid Release                                   
Hit blogsmap-says-no:/ppa.launchpad.net lucid/main Packages       
Get:1 blogsmap-says-no:/archive.zentyal.org 2.2 Release.gpg [198B]
Get:2 blogsmap-says-no:/archive.zentyal.org 2.2 Release [2310B]
Ign blogsmap-says-no:/archive.zentyal.org 2.2 Release
Ign blogsmap-says-no:/archive.zentyal.org 2.2/main Packages
Ign blogsmap-says-no:/archive.zentyal.org 2.2/main Packages
Hit blogsmap-says-no:/archive.zentyal.org 2.2/main Packages
Fetched 2508B in 0s (3369B/s)
Reading package lists... Done
W: GPG error: blogsmap-says-no:/archive.zentyal.org 2.2 Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 76CB3C6D0D64EFEC
root@www:/etc/apt/sources.list.d# LC_ALL=C apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 76CB3C6D0D64EFEC
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys 76CB3C6D0D64EFEC
gpg: requesting key 0D64EFEC from hkp server keyserver.ubuntu.com
gpgkeys: key 76CB3C6D0D64EFEC not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
root@www:/etc/apt/sources.list.d#

Also, its not a proxy problem, as downloading and installing key 0E83F6EB10E239FF works, only 76CB3C6D0D64EFEC fails.

root@www:/etc/apt/sources.list.d# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E83F6EB10E239FF
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys 0E83F6EB10E239FF
gpg: requesting key 10E239FF from hkp server keyserver.ubuntu.com
gpg: key 10E239FF: public key "Launchpad Zentyal 2.0 series" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
root@www:/etc/apt/sources.list.d# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 76CB3C6D0D64EFEC
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys 76CB3C6D0D64EFEC
gpg: requesting key 0D64EFEC from hkp server keyserver.ubuntu.com
gpgkeys: key 76CB3C6D0D64EFEC not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
root@www:/etc/apt/sources.list.d#

To fix this bug, you should create a package which install the 76CB3C6D0D64EFEC key, then publish this to the PPA archive. To have it automagically install, you could also add a dependency to this new package in some other core zentyal package (on the ppa archive).

All URIs rewritten to get around the blogspam filter.

[geir.helland@…]

After downloading and installing the  http://keys.zentyal.org/zentyal-2.2-archive.asc key, the archive.zentyal.org gpg error goes away. From apt-key list I now see

pub   1024D/0D64EFEC 2011-10-03
uid                  Zentyal (Packages Archive) <it@zentyal.com>
sub   2048g/1601E1D8 2011-10-03

, so this is indeed the missing key.

Still, anyone installing Zentyal from scratch will have to manually download + install this key, so imho this is still a bug.

[jamor@…]

With 2.2 installer the correct key. As for scratch installation the user should import manually this key