Sample Header Ad - 728x90

Author's GPG subkey has expired, what can I do?

2 votes
4 answers
2158 views
package-management encryption gpg software-updates pgp
I am trying to download an update for a piece of software, and my package manager says that the key is invalid and thus warns me. W: Failed to fetch https://deb.torproject.org/torproject.org/dists/buster/InRelease The following signatures were invalid: EXPKEYSIG 74A941BA219EC810 deb.torproject.org archive signing key Then the output after listing the key in GPG. 
pub   rsa2048/0xEE8CBC9E886DDD89 2009-09-04 [SC] [expires: 2022-08-05]
      Key fingerprint = A3C4 F0F9 79CA A22C DBA8  F512 EE8C BC9E 886D DD89
uid                   [ unknown] deb.torproject.org archive signing key
sub   rsa2048/0x74A941BA219EC810 2009-09-04 [S] [expires: 2020-11-23]
      Key fingerprint = 2265 EB4C B2BF 88D9 00AE  8D1B 74A9 41BA 219E C810
As you can see, the subkey has expired recent to writing this post. I went to the developer's website and the signing key is unchanged. How do I continue the software update without skipping the signing process?
Asked by disasterStrikes (23 rep)
Nov 26, 2020, 12:23 AM
Last activity: Jul 30, 2024, 03:55 PM
Sidebar Ad - 300x250
Related Questions

Browse more questions from Unix & Linux Stack Exchange

More questions tagged "package-management"
More questions tagged "encryption"
More questions tagged "gpg"
Footer Ad - 728x90