Blog

Fixing Ubuntu's GPG error issue

For weeks my Ubuntu Karmic Koala workstation has been plagued by an apt error telling me that my public keys were not available...

It seems I have not been alone in experiencing some bad Karma with the otherwise excellent Ubuntu Karmic Koala 9.10. For the past few weeks, since fiddling with my sources.list, I've been getting some annoying messages when I run sudo apt-get update.

At first, I tried removing the offending servers from my sources.list, but I still received the error.

W: GPG error: http://archive.canonical.com karmic Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5

W: GPG error: http://gb.archive.ubuntu.com karmic Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5

W: GPG error: http://gb.archive.ubuntu.com karmic-updates Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5

W: GPG error: http://gb.archive.ubuntu.com karmic-security Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5

Adding the missing keys

Following some advice from the Ubuntu Forums, I realised that what I needed to do what to update the list of keys held locally and get the missing keys added.

For each key, I tried running the following command: gpg --keyserver keyserver.ubuntu.com --recv 40976EAF437D05B5 (where 40976EAF437D05B5 was the offending key). However, when I re-ran sudo apt-get update, I still got the same errors.

A closer look, revealed that the lengthy "key" lists in my error messages were actually different to those I was seeing in the successful commands used by others in the Linux community. Their keys all started with 437 and were much shorter - so I tried chopping a chunk off the beginning of the string to produce a command like: gpg --keyserver keyserver.ubuntu.com --recv 437D05B5

And then ran this: gpg --keyserver keyserver.ubuntu.com --recv 437D05B5; gpg --export --armor 437D05B5 | sudo apt-key add -; gpg --keyserver keyserver.ubuntu.com --recv 437D05B5; gpg --export --armor 437D05B5 | sudo apt-key add -; sudo apt-get update

Unfortunately, that didn't seem to do anything either...

Invalid packet...

Trying the following commands also gives me a nasty looking error:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 40976EAF437D05B5

matt@q9550:/etc/apt$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys

Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys

matt@q9550:/etc/apt$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 40976EAF437D05B5

gpg: requesting key 437D05B5 from hkp server keyserver.ubuntu.com

gpg: [don't know]: invalid packet (ctb=23)

gpg: keydb_get_keyblock failed: eof

gpg: [don't know]: invalid packet (ctb=23)

gpg: /etc/apt/trusted.gpg: copy to `/etc/apt/trusted.gpg.tmp' failed: invalid packet

gpg: error writing keyring `/etc/apt/trusted.gpg': invalid packet

gpg: [don't know]: invalid packet (ctb=23)

gpg: keydb_search failed: invalid packet

gpg: key 437D05B5: public key "[User ID not found]" imported

gpg: error reading `[stream]': invalid packet

gpg: Total number processed: 0