Force update from unsigned repository
Solution 1
You can bypass some important safeguards by using the following option:
--allow-unauthenticated
From the man pages for apt-get:
--allow-unauthenticated
Ignore if packages can't be authenticated and don't prompt about
it. This can be useful while working with local repositories, but
is a huge security risk if data authenticity isn't ensured in
another way by the user itself. The usage of the Trusted option for
sources.list(5) entries should usually be preferred over this
global override. Configuration Item:
APT::Get::AllowUnauthenticated.
But be a little cautious about using this option more widely, the safeguards are in place to protect your computer not limit your freedom...
Solution 2
You can set options in your sources.list
(located at /etc/apt/sources.list
):
deb [trusted=yes] http://www.deb-multimedia.org jessie main
The trusted option is what turns off the GPG check. See man 5 sources.list
for details.
You can either edit the file within the terminal with vim ( or whatever you prefer) or any non-terminal editor like gedit.
Solution 3
Another generic solution would be
sudo apt-key adv --keyserver pgp.mit.edu --recv-keys 5C808C2B65558117
Note: I didn't test the solution with this repository but I did it with Skype repository and it worked just fine.
Another solution specific to your case is to install the keys
wget http://www.deb-multimedia.org/pool/main/d/deb-multimedia-keyring/deb-multimedia-keyring_2012.05.05_all.deb -O deb-multimedia-keyring.deb
sudo dpkg -i multimedia-keyring_all.deb
As described in the full walk through Here
Solution 4
If you are trying to get a package from a repository where they packaged the keys and include them within the repository and no where else, it can be very annoying to download and install the key/keyring package using dpkg, and very difficult to do so in an easily scriptable and repeatable manner.
The below script is not recommended if you can install the keys from a keyserver (as recommended in another answer using apt-key adv
) or if you can download them from a trusted source via https and install using apt-key (eg wget https://trusted.key.site/my-trusted-key.gpg | sudo apt-key add -
), but if you don't have ANY other way, you can use this.
echo "deb http://your.repo.domain/repository/ $(lsb_release -c -s) universe" | sudo tee /etc/apt/sources.list.d/your-repo-name.list
sudo apt -o Acquire::AllowInsecureRepositories=true \
-o Acquire::AllowDowngradeToInsecureRepositories=true \
update
## if the 'apt update' above fails it is likely due to previously
## having the GPG key and repository on the system, you can clean
## out the old lists with `sudo rm /var/lib/apt/lists/your.repo.domain*`
apt-get -o APT::Get::AllowUnauthenticated=true install repo-keyring-pkgname
## If you ever run `sudo apt-key del your-repos-keyID`
## you may have to `sudo apt remove --purge repo-keyring-pkgname`
## Update should run without the GPG warnings now that the key is installed
apt-get update
apt-get install somepkg-from-repo
I originally put this together because i3 in their sur5r repo does this, but then I found out their keys are in the keyserver.ubuntu.com list, so I can just sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E3CA1A89941C42E6
and avoid all the extra package hassles.
Solution 5
N: See apt-secure(8) manpage for repository creation and user configuration details.
answer:
ls /etc/apt/sources.list.d
next try removing them using
sudo rm -i /etc/apt/sources.list.d/{output of 1}
do it for each
eg: sudo rm -i /etc/apt/sources.list.d/wireshark-dev-ubuntu-stable-focal.list
then try
sudo apt update
:)
Related videos on Youtube
Shan
Updated on September 18, 2022Comments
-
Shan over 1 year
I'm using an unsigned repo in Ubuntu 16.04 from Debian multimedia:
deb http://www.deb-multimedia.org jessie main
To install
deb-multimedia-keyring
, I'm running:apt-get update && apt-get install deb-multimedia-keyring -y
This gives an error:
W: GPG error: http://www.deb-multimedia.org jessie InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5C808C2B65558117 E: The repository 'http://www.deb-multimedia.org jessie InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details.
-
Timo about 6 yearsI use
Raspbian stretch
and get even with the optionE: The repository 'http://ftp.de.debian.org/debian testing InRelease' is not signed.
I want to upgrade from python 3.5. t 3.6. -
Jürgen Weigert about 6 yearsThis answer seems incomplete when faced with Ubuntu 18.04 There it tries to annoy me by saying nasty things like
... Release is not valid yet (invalid for another 44min 35s). Updates for this repository will not be applied.
Even after rm-ing the /var/lib/apt/lists/* things... -
dragon788 about 6 yearsThat is simply a mirror replication problem and shouldn't affect the authentication or signing of packages in the repositories. Since 1804 is just coming out of beta a lot of mirrors are trying to catch up and the mirroring service may point you to server that isn't fully in sync yet.
-
xeruf about 6 yearstold me that "this option can't be interpreted together with the other options"when executing
sudo apt-get update --allow-unauthenticated
-
Jay Taylor almost 6 yearsNOTE: This no longer seems to work in Ubuntu 18.04 as of July 2018.
-
andrew.46 almost 6 years@JayTaylor: I have just opened a fresh Virtual Machine for 18.04 and the command functions here perfectly well. Pastebin here: pastebin.com/ygLTnP1C
-
Jay Taylor almost 6 yearsInteresting; perhaps there might be something else different on the machine I tried it from behind the errors I observed. In any case, adding the
[trusted=yes]
field to sources.list did work. Thanks for your diligence @andrew.46 :) -
fuzzi over 5 yearsHow do we access the
sources.list
from the terminal? -
Prathu Baronia over 5 yearsIt is located in
/etc/apt/sources.list
. You can either edit it within the terminal with vim ( or whatever you prefer) or any non-terminal editor like gedit. -
kshakir over 4 yearsI had luck with
--allow-insecure-repositories
via this other answer. -
Paul about 4 years18.04 does not use ifconfig, it uses netplan. Going from 16.04 to 18.04 will keep ifconfig and may work better for your device, but I do not see how it is related to installing from unsigned repositories.
-
Wastrel about 4 yearsThat is almost certainly what happened. The point is that after installing 18.04 bare, updates did not work: "repository is unsigned". To get updates to work properly I had to install 16.04 and then upgrade to 18.04.
-
Paul about 4 yearsAh okay, it's not that clear in the story above. But now on 18.04 you can still install from unsigned repositories w/o any error message? T.b.h you kind of want to get the message as it may indicate something is wrong and you can exclude specific repositories from this check with the answers above.
-
Wastrel about 4 yearsYes, it all works fine after following the upgrade procedure. It's rather puzzling that the .iso for 18.04 and 16.04 did not, in themselves, have the signatures to the standard repositories.
-
Brent Rittenhouse almost 4 yearsI'll second that. I actually did "sudo apt-get update --allow-unauthenticated --allow-insecure-repositories" and it worked. It's probably the --allow-insecure-repositories though...
-
ahorn over 3 yearsWhat does
jessie main
mean? I am using Lubuntu 20.04 LTS. -
Prathu Baronia over 3 yearsjessie is the distribution release name and main is the component name. You can find info on component names here
-
L Co almost 3 yearsmy issue was with a repo added with add-apt-repository. Be sure to check
/etc/apt/sources.list.d/
for any.list
files that might have the source you are trying to trust, in addition to the sources in/etc/apt/sources.list
-
akshit bhatia almost 3 yearsadding [allow-insecure=yes] worked for me
-
JonathanDavidArndt almost 3 yearsWorks in Debian 11 Bullseye.
-
Revol89 about 2 yearsThanks. It worked perfectly.
-
yegor256 about 2 yearsDoesn't work on Ubuntu 20.04
-
xjcl about 2 yearsI tried the answer on a Linux Mint that was based on Ubuntu 18.04 in case that helps anyone