1

i got this error when i run: sudo apt update in terminal on ubuntu 22.04

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.opensuse.org/repositories/home:/Provessor/xUbuntu_20.04  InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 876292BF7F9C32BF
W: http://download.mono-project.com/repo/ubuntu/dists/trusty/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: Failed to fetch http://download.opensuse.org/repositories/home:/Provessor/xUbuntu_20.04/InRelease  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 876292BF7F9C32BF
W: Some index files failed to download. They have been ignored, or old ones used instead.

I tried to fix the problem with the following command : sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 876292BF7F9C32BF but it doesn´t work and got this message

Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
Executing: /tmp/apt-key-gpghome.fbmSbmsKSu/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 876292BF7F9C32BF
gpg: keyserver receive failed: No data

click here for more details: https://i.stack.imgur.com/sehEd.png

Help me please :(

Smith Flores
  • 29
  • 1
  • 3

2 Answers2

1

I fixed my problem with these comands:

sudo rm -rf /var/lib/apt/lists/*
sudo rm -rf /etc/apt/sources.list.d/*
sudo apt-get update

:)

Smith Flores
  • 29
  • 1
  • 3
  • 2
    **This is the nuclear option.** It removes all of your nonstandard repositories, and in some APT systems, removes the standard ones as well. It does _not_, however, remove the GPG keys you've previously added, which may be a security liability (see [my answer](https://unix.stackexchange.com/a/711640/87770)). – Adam Katz Aug 29 '22 at 18:03
  • I'd rather rename the folders (or zip them and then remove the files). Then do the update. Then put the files back. – Phantômaxx Sep 22 '22 at 09:55
0

This method was deprecated for security concerns: it allowed any signing key you've added to sign any package, not just those within that signing key's repository.

The safer method is to add the key to a location like /usr/share/keyrings/repository-name.gpg and then reference it from your sources.list file, e.g.

deb [signed-by=/usr/share/keyrings/some-repo.gpg] http://some.repo/apt dev main

Learn more about the sources.list file format or see this example that adds the Xpra key and repository.

Adam Katz
  • 3,800
  • 1
  • 24
  • 33