readthefuckingmanual.net

[SOLVED] E: Failed to fetch https://deb.qubes-os.org/r4.0/vm/dists/bullseye/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 43B760F197CA1BF5

Error added: 2024-08-21T19:27:35Z

1 people waiting for the answer...

2 answers found.

Answer 2839 (0.0% helpful)

I don't understand this error, or why it's not using the key specified.
Is there a duplicate key on the keyservers with the same last 16 characters that's causing problems?

# apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 43B760F197CA1BF5
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
Executing: /tmp/apt-key-gpghome.skO96wVLnp/gpg.1.sh --recv-keys --keyserver keyserver.ubuntu.com 43B760F197CA1BF5
gpg: key 43B760F197CA1BF5: public key "Qubes OS 4 Debian Packages Signing Key" imported
gpg: Total number processed: 1
gpg:               imported: 1
# apt-get update
Hit:1 https://deb.debian.org/debian bullseye InRelease
Get:2 https://deb.qubes-os.org/r4.0/vm bullseye InRelease [2,510 B]
Err:2 https://deb.qubes-os.org/r4.0/vm bullseye InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 43B760F197CA1BF5
Reading package lists... Done
W: GPG error: https://deb.qubes-os.org/r4.0/vm bullseye InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 43B760F197CA1BF5
E: The repository 'https://deb.qubes-os.org/r4.0/vm bullseye InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Permalink

Answer 2841 (0.0% helpful)

I have the key, and it is a good signature:

# gpg --verify /var/lib/apt/lists/partial/deb.qubes-os.org_r4.0_vm_dists_bullseye_InRelease 
gpg: Signature made Tue 12 Jul 2022 18:08:50 BST
gpg:                using RSA key A55DC100FFD712ADB92B5B1043B760F197CA1BF5
gpg: Good signature from "Qubes OS 4 Debian Packages Signing Key" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: A55D C100 FFD7 12AD B92B  5B10 43B7 60F1 97CA 1BF5


So why is apt-get update refusing to use it?
Permalink

Add an answer/solution

If you know the answer, please add your own solution below.
If you don't know, but find out later, please come back and share your answer - there will be other people struggling with this too.


Please enter 61948 here

If you want to be notified via email when this is solved, enter your email address here: