Unix & Linux Stack Exchange
Q&A for users of Linux, FreeBSD and other Unix-like operating systems
Latest Questions
-2
votes
1
answers
58
views
🛠️ Issue Summary – GPG Key Error When Running `sudo apt update` on Fresh Kali Install
Image -> https://postimg.cc/WtZ6QD3V <-Image Hi all, I just installed Kali Linux and ran: ```bash sudo apt update ``` But I got this error: ``` GPG error: http://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling InRelease: The following signatures couldn't be verified because the public key is not avai...
Image -> https://postimg.cc/WtZ6QD3V <-Image
Hi all,
I just installed Kali Linux and ran:
sudo apt updateGPG error: http://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling InRelease:
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 827CB569F2518CC677FECA1AED65462ECB5E4C5
E: The repository is not signed.apt-key being deprecated, and attempts to use curl | gpg returned a 404.
---
**What I Want:**
I don’t care about using the Tsinghua mirror — I just want a clean fix using the **official Kali sources and keys**.
---
**What I’ve Tried:**
* Replacing the mirror in /etc/apt/sources.list with the official Kali one.
* Using the modern gpg --dearmor method to import the official Kali archive key.
My sources.list [I copied it from chatgpt, its not the default one]
# See https://www.kali.org/docs/general-use/kali-linux-sources-list-repositories/
deb [signed-by=/etc/apt/keyrings/tuna-kali.gpg] http://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main non-free contrib
# Additional line for source packages
# deb-src http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware
Narci
(11 rep)
Jul 29, 2025, 03:49 PM
• Last activity: Jul 29, 2025, 04:45 PM
27
votes
8
answers
86950
views
Debian 8 Jessie KEYEXPIRED 1587841717
I've got the problem, that the "apt-get update" produced a KEYEXPIRED 1587841717 error: ``` # apt-get update ... W: GPG error: http://archive.debian.org jessie Release: The following signatures were invalid: KEYEXPIRED 1587841717 ``` Here my sources.list: ``` # cat /etc/apt/sources.list.d/sources.li...
I've got the problem, that the "apt-get update" produced a KEYEXPIRED 1587841717 error:
# apt-get update
...
W: GPG error: http://archive.debian.org jessie Release: The following signatures were invalid: KEYEXPIRED 1587841717# cat /etc/apt/sources.list.d/sources.list
deb http://http.debian.net/debian jessie main
deb http://http.debian.net/debian jessie contrib
deb http://archive.debian.org/debian jessie main
deb http://archive.debian.org/debian jessie contribapt-key list | grep expired -A1
pub 4096R/46925553 2012-04-27 [expired: 2020-04-25]
uid Debian Archive Automatic Signing Key (7.0/wheezy)
--
pub 4096R/65FFB764 2012-05-08 [expired: 2019-05-07]
uid Wheezy Stable Release Key
--
pub 4096R/B98321F9 2010-08-07 [expired: 2017-08-05]
uid Squeeze Stable Release Key
--
pub 4096R/473041FA 2010-08-27 [expired: 2018-03-05]
uid Debian Archive Automatic Signing Key (6.0/squeeze)
--
pub 4096R/65FFB764 2012-05-08 [expired: 2019-05-07]
uid Wheezy Stable Release Key
--
pub 4096R/46925553 2012-04-27 [expired: 2020-04-25]
uid Debian Archive Automatic Signing Key (7.0/wheezy)apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 46925553
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 65FFB764
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys B98321F9
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 473041FA# apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 46925553
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.Ue8AFETZOi --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian.gpg --keyring /etc/apt/trusted.gpg.d/php.gpg --keyring /etc/apt/trusted.gpg.d/turnkey.gpg --keyring /etc/apt/trusted.gpg.d/ubuntuzilla.firefox.gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 46925553
gpg: requesting key 46925553 from hkp server keyserver.ubuntu.com
gpg: key 46925553: "Debian Archive Automatic Signing Key (7.0/wheezy) " not changed
gpg: Total number processed: 1
gpg: unchanged: 1
Gunnar Gläser
(379 rep)
Jul 13, 2020, 08:02 PM
• Last activity: Jul 24, 2025, 04:20 AM
0
votes
1
answers
2611
views
gpgtar: encrypted packet with unknown version
I'm getting the error in the title (`aead encrypted packet with unknown version 29`), when trying to decrypt an encrypted file created in the same environment (Termux on Android, if it matters): ``` $ gpgtar --encrypt --output e -r attilio test $ ls e test $ gpgtar -d e gpgtar: gpg: encrypted with c...
I'm getting the error in the title (
aead encrypted packet with unknown version 29), when trying to decrypt an encrypted file created in the same environment (Termux on Android, if it matters):
$ gpgtar --encrypt --output e -r attilio test
$ ls
e test
$ gpgtar -d e
gpgtar: gpg: encrypted with cv25519 key, ID 74341D598FFF0056, created 2021-08-13
gpgtar: gpg: "attilio"
gpgtar: gpg: public key decryption failed: Not a typewriter
gpgtar: gpg: decryption failed: Not a typewriter
gpgtar: gpg: aead encrypted packet with unknown version 29
gpgtar: error running '/data/data/com.termux/files/usr/bin/gpg': exit status 2
Attilio
(385 rep)
Aug 13, 2021, 08:31 PM
• Last activity: Jul 5, 2025, 12:17 AM
0
votes
0
answers
18
views
GPG shows my own UID as [ full ] after re-importing signatures—even though it was [ ultimate ] when freshly generated
In GPG, my own uid presents as `[ full ]` rather than `[ ultimate ]`. ``` gpg --list-keys --with-sig-check ``` ``` pub ed25519 2025-07-02 [SC] [expires: 2030-07-01] GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG uid [ full ] Me sig!3 XXXXXXXXXXXXXXXX 2025-07-02 [self-signature] sig!3 XXXXXXXXXXXXXXXX 2025...
In GPG, my own uid presents as
[ full ] rather than [ ultimate ].
gpg --list-keys --with-sig-checkpub ed25519 2025-07-02 [SC] [expires: 2030-07-01]
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
uid [ full ] Me
sig!3 XXXXXXXXXXXXXXXX 2025-07-02 [self-signature]
sig!3 XXXXXXXXXXXXXXXX 2025-07-04 [self-signature]
sig! YYYYYYYYYYYYYYYY 2025-07-03 Person1
sig! ZZZZZZZZZZZZZZZZ 2025-07-03 Person2
sub cv25519 2025-07-02 [E] [expires: 2030-07-01]
sig! XXXXXXXXXXXXXXXX 2025-07-02 [self-signature]
sub ed25519 2025-07-02 [S]
sig! XXXXXXXXXXXXXXXX 2025-07-02 [self-signature]adduid
uid 2
primary
uid 2
uid 1
deluidadduid
uid 2
primary
uid 2
uid 1
deluidgpg --list-keys --with-sig-checkpub ed25519 2025-07-02 [SC] [expires: 2030-07-01]
GGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG
uid [ultimate] Me
sig!3 XXXXXXXXXXXXXXXX 2025-07-04 [self-signature]
sub cv25519 2025-07-02 [E] [expires: 2030-07-01]
sig! XXXXXXXXXXXXXXXX 2025-07-02 [self-signature]
sub ed25519 2025-07-02 [S]
sig! XXXXXXXXXXXXXXXX 2025-07-02 [self-signature][ full ]. What's going on here?
tdrd
(1 rep)
Jul 4, 2025, 12:17 AM
0
votes
0
answers
134
views
How can I prevent gpg-agent from asking for a password?
I am using Fedora 40 (KDE) and I have followed the [Arch Wiki guide][1] on how to set it up. However, I would like to unlock - or, whatever is happening in the background - my GPG keys upon login. I am trying to set it up in a similar fashion to how `ssh-agent` works: that it caches the password (?)...
I am using Fedora 40 (KDE) and I have followed the Arch Wiki guide on how to set it up. However, I would like to unlock - or, whatever is happening in the background - my GPG keys upon login.
I am trying to set it up in a similar fashion to how
ssh-agent works: that it caches the password (?) and it doesn't ask for it when you SSH into a remote machine; it just logs you straight in.
The way it works now, is that it caches the password for however long you have set up default-cache-* but if you log out and back in, you'll have to reenter the passphrase.
telometto
(2191 rep)
Oct 11, 2024, 12:17 PM
• Last activity: Jun 23, 2025, 05:22 AM
2
votes
2
answers
994
views
How to export only some public sub-keys with gpg?
My PGP-key follows the long-lived-mainkey-short-time-subkeys pattern. Thus I already have 12 expired subkeys attached to my mainkey. When handing out my key today, there seems to be not much reason to include the expired encryption subkeys - nobody's going to need them anymore. Is there a way to onl...
My PGP-key follows the long-lived-mainkey-short-time-subkeys pattern. Thus I already have 12 expired subkeys attached to my mainkey. When handing out my key today, there seems to be not much reason to include the expired encryption subkeys - nobody's going to need them anymore.
Is there a way to only export a few of the **public** subkeys along with the (public) mainkey?
I tried to explicitly export the two current subkeys, which should provoke the mainkey to be exported alongside:
gpg -a --export >output.file
kaba
(151 rep)
Sep 8, 2023, 04:55 PM
• Last activity: Jun 22, 2025, 06:32 PM
0
votes
0
answers
69
views
GPG keeps failing in Fedora
I keep getting a recurring problem in Fedora 41 and now 42 where the GPG database gets locked and nothing I try can get it working. I have to delete the `.gnupg` directory and re-import my keys all over again. The problem manifests after a reboot and I discover it the next time I try and commit code...
I keep getting a recurring problem in Fedora 41 and now 42 where the GPG database gets locked and nothing I try can get it working. I have to delete the
.gnupg directory and re-import my keys all over again.
The problem manifests after a reboot and I discover it the next time I try and commit code to git.
I have tried:
1. Killing the process.
2. Rebooting.
3. rm -f ~/.gnupg/*.lock
4. gpgconf --kill all && gpgconf --launch gpg-agent
Additional info based on question below:
$ gpg --list-keys
gpg: Note: database_open 134217901 waiting for lock (held by 5289) ...
gpg: Note: database_open 134217901 waiting for lock (held by 5289) ...
gpg: Note: database_open 134217901 waiting for lock (held by 5289) ...
gpg: Note: database_open 134217901 waiting for lock (held by 5289) ...
gpg: Note: database_open 134217901 waiting for lock (held by 5289) ...
gpg: keydb_search_first failed: Connection timed out
$ lsof | grep 5289
$$ tree ~/.gnupg
/home/bryon/.gnupg
├── common.conf
├── private-keys-v1.d
│ ├── 3ED6F3A0FE32B7DFEC04340B9AFCDB4842DFDC85.key
│ ├── 6026F43FDF049972ED2ABFF215E85EB4937D6B45.key
│ ├── 81F8A0D8D0E9CD406AE2C89B16AA4D4E872A39AD.key
│ └── FAC9D0944809312FCD2EC1C5B3D9F79210AECF8D.key
├── public-keys.d
│ ├── pubring.db
│ └── pubring.db.lock
└── trustdb.gpg
3 directories, 8 files
$ lsof ~/.gnupg/public-keys.d/pubring.db.lock
$
Bryon
(369 rep)
Jun 16, 2025, 06:37 AM
• Last activity: Jun 18, 2025, 05:15 AM
0
votes
0
answers
43
views
Using password-store to use a retrieved password in a bash command without displaying it, possibly in a script?
A few years ago, I read about secrets being passed to commands without displaying and in an automated or scripting manner. Is possible to do this using `pass`? I figure if it is setup in a way in which upon boot something similar to `ssh-agent` to keep the GPG encryption key in memory.
A few years ago, I read about secrets being passed to commands without displaying and in an automated or scripting manner.
Is possible to do this using
pass?
I figure if it is setup in a way in which upon boot something similar to ssh-agent to keep the GPG encryption key in memory.
leeand00
(4937 rep)
Jun 5, 2025, 03:38 PM
• Last activity: Jun 6, 2025, 03:40 AM
1
votes
1
answers
4398
views
Problem with apt public keys in docker image building
I have problem after upgrading PHP image from 8.0 to PHP image 8.1 and on stackoverflow they sent me there this is my dockerfile: ``` FROM php:8.1-apache AS apache RUN a2enmod rewrite WORKDIR /bin WORKDIR ../ RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E98404D386FA1D9 6ED0E7B82643E...
I have problem after upgrading PHP image from 8.0 to PHP image 8.1 and on stackoverflow they sent me there
this is my dockerfile:
FROM php:8.1-apache AS apache
RUN a2enmod rewrite
WORKDIR /bin
WORKDIR ../
RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E98404D386FA1D9 6ED0E7B82643E131 F8D2585B8783D481 BDE6D2B9216EC7A8
RUN apt update \
&& apt install \
curl \
git \
unzip \
cron \
libzip-dev \
libcurl4-openssl-dev \
pkg-config \
libssl-dev \
libpng-dev \
libjpeg62-turbo-dev \
libicu-dev \
wget \
libcap2-bin \
procps \
-y \
&& setcap 'cap_net_bind_service=+ep' /usr/sbin/apache2 \
&& chown www-data:www-data /var/log/apache2 \
&& wget https://github.com/wkhtmltopdf/packaging/releases/download/0.12.6.1-3/wkhtmltox_0.12.6.1-3.bookworm_amd64.deb \
&& apt install -y ./wkhtmltox_0.12.6.1-3.bookworm_amd64.deb \
&& rm wkhtmltox_0.12.6.1-3.bookworm_amd64.deb \
&& apt-get clean autoclean \
&& apt-get autoremove --yes
etc...[0mGet:1 http://deb.debian.org/debian bookworm InRelease [151 kB]
Get:2 http://deb.debian.org/debian bookworm-updates InRelease [52.1 kB]
Get:3 http://deb.debian.org/debian-security bookworm-security InRelease [48.0 kB]
Err:1 http://deb.debian.org/debian bookworm InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131 NO_PUBKEY F8D2585B8783D481
Err:2 http://deb.debian.org/debian bookworm-updates InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131
Err:3 http://deb.debian.org/debian-security bookworm-security InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 54404762BBB6E853 NO_PUBKEY BDE6D2B9216EC7A8RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E98404D386FA1D9 6ED0E7B82643E131 F8D2585B8783D481 BDE6D2B9216EC7A8[91mE: gnupg, gnupg2 and gnupg1 do not seem to be installed, but one of them is required for this operation
Andrzej Olearka
(11 rep)
Sep 2, 2023, 08:35 AM
• Last activity: May 31, 2025, 05:01 PM
2
votes
3
answers
3010
views
trying to install chef-client package via local yum repo
I am trying to make chef-11.16.4-1.el6.x86_64.rpm available to our servers via a local yum repo that we've built. it is not available in RHEL Repos, so i had to manually download and save it in our repo. so here is what i did on yum repo server: 1. cd /packages/rhel65-base/; wget https://opscode-omn...
I am trying to make chef-11.16.4-1.el6.x86_64.rpm available to our servers via a local yum repo that we've built.
it is not available in RHEL Repos, so i had to manually download and save it in our repo.
so here is what i did on yum repo server:
1. cd /packages/rhel65-base/; wget https://opscode-omnibus-packages.s3.amazonaws.com/el/6/x86_64/chef-11.16.4-1.el6.x86_64.rpm
2. createrepo /packages/rhel65-base/
Yum client was able to see the new package available:
[user1@testserver01 ~]$ yum list chef
Loaded plugins: amazon-id, rhui-lb, security
Installed Packages
chef.x86_64 11.16.0-1.el6 installed
Available Packages
chef.x86_64 11.16.4-1.el6 local-rhel65-base
But when trying to install the latest package of chef, it ends with below error:
warning: rpmts_HdrFromFdno: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
Public key for chef-11.16.4-1.el6.x86_64.rpm is not installed
Assuming that the chef rpm has not been signed, i tried to sign it myself by following https://iuscommunity.org/pages/CreatingAGPGKeyandSigningRPMs.html but still couldn't get it working.
Some useful info i can find in Chef's website is the SHA1 checksum value of this package.
Anyone got ideas/suggestions to solve this issue? thanks!
taki
(72 rep)
Aug 11, 2015, 03:08 PM
• Last activity: May 19, 2025, 09:10 PM
3
votes
1
answers
1910
views
Problem with gpg when using apt
I'm scratching my head to find a way to correct broken gpg stuff in `apt`. When i try to install Nodejs : curl -sL https://deb.nodesource.com/setup_7.x | sudo -E bash - sudo apt-get install -y nodejs I get this error : ## You seem to be using Debian version stretch. ## This maps to Debian "jessie".....
I'm scratching my head to find a way to correct broken gpg stuff in
apt.
When i try to install Nodejs :
curl -sL https://deb.nodesource.com/setup_7.x | sudo -E bash -
sudo apt-get install -y nodejs
I get this error :
## You seem to be using Debian version stretch.
## This maps to Debian "jessie"... Adjusting for you...
## Confirming "jessie" is supported...
+ curl -sLf -o /dev/null 'https://deb.nodesource.com/node_7.x/dists/jessie/Release '
## Adding the NodeSource signing key to your keyring...
+ curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -
gpg: [don't know]: invalid packet (ctb=00)
gpg: keydb_get_keyblock failed: Valeur non trouvée
gpg: [don't know]: invalid packet (ctb=00)
gpg: /tmp/apt-key-gpghome.ix2LFsfXOw/pubring.gpg: copy to '/tmp/apt-key-gpghome.ix2LFsfXOw/pubring.gpg.tmp' failed: Paquet incorrect
gpg: error writing keyring '/tmp/apt-key-gpghome.ix2LFsfXOw/pubring.gpg': Paquet incorrect
gpg: [don't know]: invalid packet (ctb=00)
gpg: error reading '-': Paquet incorrect
gpg: import from '-' failed: Paquet incorrect
Error executing command, exiting
I use a Debian stretch rc2 with kernel 10.5. Don't know if it's the problem or not. I can't use stable version of debian because i'm running on a Ryzen processor.
When i try to install VSCode, i got another error too:
W: Erreur de GPG : http://packages.microsoft.com/repos/vscode stable InRelease : Les signatures suivantes n'ont pas pu être vérifiées car la clé publique n'est pas disponible : NO_PUBKEY EB3E94ADBE1229CF
W: The repository 'http://packages.microsoft.com/repos/vscode stable InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Any idea?
[EDIT]
This is my source.list
deb http://ftp.univ-pau.fr/linux/mirrors/debian/ stretch main non-free contrib
deb-src http://ftp.univ-pau.fr/linux/mirrors/debian/ stretch main non-free contrib
deb http://security.debian.org/debian-security/ stretch/updates main contrib non-free
deb-src http://security.debian.org/debian-security/ stretch/updates main contrib non-free
# stretch-updates, previously known as 'volatile'
deb http://ftp.univ-pau.fr/linux/mirrors/debian/ stretch-updates main contrib non-free
deb-src http://ftp.univ-pau.fr/linux/mirrors/debian/ stretch-updates main contrib non-free
# stretch-backports, previously on backports.debian.org
deb http://ftp.univ-pau.fr/linux/mirrors/debian/ stretch-backports main contrib non-free
deb-src http://ftp.univ-pau.fr/linux/mirrors/debian/ stretch-backports main contrib non-free
# deb [arch=amd64] https://download.docker.com/linux/debian/ stretch stable
# deb-src [arch=amd64] https://download.docker.com/linux/debian/ stretch stable
deb http://www.deb-multimedia.org/ stretch main non-free
deb [arch=amd64] http://packages.microsoft.com/repos/vscode stable main
Scandinave
(131 rep)
Apr 8, 2017, 09:14 AM
• Last activity: May 18, 2025, 06:04 PM
0
votes
0
answers
32
views
gpg syntax to incrementally append encrypted data
Data is sporadically generated and appended to a file (consider mbox or a log file). I want to store only an encrypted version. For a single "batch" of data, this sort of thing would work: ``` $ echo hello | gpg -e -r key >file1 $ file1 $ file2 $ sleep 10 $ echo world | gpg -e -r key [...] >>file2 $...
Data is sporadically generated and appended to a file
(consider mbox or a log file).
I want to store only an encrypted version.
For a single "batch" of data, this sort of thing would work:
$ echo hello | gpg -e -r key >file1
$ file1
$ file2
$ sleep 10
$ echo world | gpg -e -r key [...] >>file2
$ gpg manpage.
I see there is gpgtar but this creates independent files.
Encryption output (third example above) seems to be just multiple PGP messages concatenated together, so presumably if there is a way to detect the boundaries, one could split the input and invoke gpg separately on each message although I guess that would be quite inefficient.
I see that there is significant overhead for encrypting small amounts of data (598 bytes were added to each chunk in my test) so perhaps there is a better approach.
jhnc
(305 rep)
May 17, 2025, 09:05 PM
0
votes
1
answers
26
views
How to export only non-expired keys from gpg (pgp)?
How can I export *only* those non-expired public keys from my `gpg` keyring? If I export all of the public keys in my keyring, the ascii armored output file is several megabytes large, and it contains a lot of unusable keys that expired years (or decades) ago. I want to export only a subset of the p...
How can I export *only* those non-expired public keys from my
gpg keyring?
If I export all of the public keys in my keyring, the ascii armored output file is several megabytes large, and it contains a lot of unusable keys that expired years (or decades) ago.
I want to export only a subset of the public keys in my keyring -- just those that haven't yet expired.
How can I export only these non-expired keys from gpg?
Michael Altfield
(382 rep)
May 17, 2025, 03:46 PM
• Last activity: May 17, 2025, 04:01 PM
0
votes
1
answers
4369
views
No valid OpenPGP data found - Elasticsearch wget
I am trying to install elasticsearch on Ubuntu 20.04, but I am getting the following error: ``` home@VirtualBox$ wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add - gpg: no valid OpenPGP data found. ``` I also tried the following with no luck: ``` VirtualBox:~$ wget -q...
I am trying to install elasticsearch on Ubuntu 20.04, but I am getting the following error:
home@VirtualBox$ wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
gpg: no valid OpenPGP data found.VirtualBox:~$ wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch -O mykey
VirtualBox:~$ sudo apt-key add <<< mykey
[sudo] password for VirtualBox:
gpg: no valid OpenPGP data found.sudo apt-get update
John Barton
(101 rep)
Jan 31, 2021, 06:43 AM
• Last activity: May 10, 2025, 08:02 PM
0
votes
1
answers
4381
views
Somehow, someway, gpg: no valid OpenPGP data found
Trying to install tor through [this][1] websites guide. Working well, until I reach a `SIGNATURE VERIFICATION FAILED` error. They said to run this command to fix the key: gpg --homedir "$HOME/.local/share/torbrowser/gnupg_homedir" --refresh-keys --keyserver keyserver.ubuntu.com Which falls into a `g...
Trying to install tor through this websites guide. Working well, until I reach a
SIGNATURE VERIFICATION FAILED error. They said to run this command to fix the key:
gpg --homedir "$HOME/.local/share/torbrowser/gnupg_homedir" --refresh-keys --keyserver keyserver.ubuntu.com
Which falls into a gpg: no valid OpenPGP data found error. I tried this stackoverflow, but it contains a variety of nonspecific answers, all either concerning wget or curl. A similar issue was discussed here , but the answer was this command, which is where I'm having trouble. I deleted and reset my .gnupg folder, but I still hit the same error for some reason. Any ideas?
mtrojak2
(109 rep)
Feb 17, 2020, 07:31 AM
• Last activity: May 7, 2025, 05:03 PM
1
votes
1
answers
4362
views
gpg decryption error - bad session key
I have batch encrypted some backup files using a script. The OS is CentOS 7 and the current version of gpg is 2.0.22. The important parts of the script are: ``` enter code here`echo Enter passphrase read PASS for sourcefile in $(find /quitelarge/upload/proton/ -name *.gz); do echo $sourcefile destfi...
I have batch encrypted some backup files using a script. The OS is CentOS 7 and the current version of gpg is 2.0.22. The important parts of the script are:
enter code here`echo Enter passphrase
read PASS
for sourcefile in $(find /quitelarge/upload/proton/ -name *.gz); do
echo $sourcefile
destfile=$(echo $sourcefile | sed '1 s;/quitelarge/upload/proton;/quitelarge/upload/mega;')
gpg --batch --passphrase "$PASS" -o $destfile.gpg -c $sourcefile
donegpg -d agent.tar.gz.gpg
gpg: CAST5 encrypted data
gpg: encrypted with 1 passphrase
gpg: DBG: cleared passphrase cached with ID: SAEFA41D323D1BAE9
gpg: decryption failed: Bad session key
Ken-T
(11 rep)
Mar 22, 2022, 05:50 PM
• Last activity: May 2, 2025, 06:08 PM
137
votes
3
answers
74407
views
How to renew an expired keypair with gpg
What is the best way to **renew a gpg key pair when it got expired** and what is the reason for the method? The key pair is already signed by many users and available on public servers. - Should the new key be a subkey of the expired private key? - Should it be signed by the old (I could try to edit...
What is the best way to **renew a gpg key pair when it got expired** and what is the reason for the method?
The key pair is already signed by many users and available on public servers.
- Should the new key be a subkey of the expired private key?
- Should it be signed by the old (I could try to edit the key and change the date of expiration to tomorrow)?
- Should the new key sign the old?
Jonas Stein
(4298 rep)
Jan 4, 2015, 01:01 AM
• Last activity: Apr 30, 2025, 02:01 PM
0
votes
2
answers
327
views
GPG doesn't want to import my private key
I've been trying to export my private key from my laptop to my phone(termux). But whenever I tried importing the private key on the phone, the gpg just throws an error at me: > gpg --import private.pgp gpg: key AAAAAAAAAA: "name " imported gpg: key AAAAAAAAAA/BBBBBBBBBB: error sending to agent: A lo...
I've been trying to export my private key from my laptop to my phone(termux). But whenever I tried importing the private key on the phone, the gpg just throws an error at me:
> gpg --import private.pgp
gpg: key AAAAAAAAAA: "name " imported
gpg: key AAAAAAAAAA/BBBBBBBBBB: error sending to agent: A locale function failed
gpg: key AAAAAAAAAA/CCCCCCCCCC: error sending to agent: A locale function failed
gpg: error reading 'private.gpg': A locale function failed
gpg: import from 'private.pgp' failed: A locale function failed
gpg: Total number processed: 0
gpg: unchanged: 1
gpg: secret keys read: 1
I do not have much experience with GPG, and the internet doesn't help much either, so I am clueless as to how to solve the problem.
EDIT:
After researching some more, I found the '--debug-level' flag, which did help me close in on the problem:
gpg: DBG: chan_6 END
gpg: DBG: chan_6
gpg: key AAAAAAAAAA/BBBBBBBBBB: error sending to agent: A locale function failed
Still, I was not able to find any information regarding that problem, I tried every solution from every related post and still no luck.
Andrey Varvaryuk
(1 rep)
Nov 14, 2024, 05:17 PM
• Last activity: Apr 29, 2025, 07:46 AM
3
votes
4
answers
47505
views
apt-get gpg error when i try to update
i have a librem14 running pureos, i keep getting error running apt-get update librem14@PureOS:~$ sudo apt update An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://repo.ivpn.net/stable/debian ./generic InRe...
i have a librem14 running pureos, i keep getting error running apt-get update
librem14@PureOS:~$ sudo apt update
An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://repo.ivpn.net/stable/debian ./generic InRelease: Unknown error executing apt-key
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://brave-browser-apt-release.s3.brave.com stable InRelease: Unknown error executing apt-key
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://repo.pureos.net/pureos byzantium InRelease: Unknown error executing apt-key
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://repo.pureos.net/pureos byzantium-updates InRelease: Unknown error executing apt-key
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://repo.pureos.net/pureos byzantium-security InRelease: Unknown error executing apt-key
anybody know the solution?
Jason221
(31 rep)
Mar 17, 2022, 01:30 PM
• Last activity: Apr 27, 2025, 06:04 PM
1
votes
0
answers
105
views
No such device with Yubikey GnuPG
I have a yubikey 5 NFC with GPG keys configured that I use for encryption and signing. Usually, this works fine, but sometimes gpg will tell me that no card is connected; if I unplug and replug the key, it sometimes works again (although sometimes only after several tries). When it's not working, `g...
I have a yubikey 5 NFC with GPG keys configured that I use for encryption and signing. Usually, this works fine, but sometimes gpg will tell me that no card is connected; if I unplug and replug the key, it sometimes works again (although sometimes only after several tries). When it's not working,
gpg --card-status will say gpg: selecting card failed: No such device, and the light on the key often (but not always) lights up permanently.
This seems to happen at random, but usually after it's been plugged in for a while. One consistent way to reproduce this I've found is immediately after I log in with pam_u2f with the key, but only for a new X session (if I log in via su, for example, the key still works after).
Restarting gpg does not fix the problem, only replugging (and that also only sometimes).
This occurs both via usb and via NFC (HID Omnikey reader). Other functionality on the key (eg. u2f, WebAuthn) still works fine.
Versions:
- OS: OpenSuSE Leap 15.5
- GPG: 2.2.27 (from repo)
Lukor
(151 rep)
Apr 23, 2025, 11:29 AM
Showing page 1 of 20 total questions