sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10 command returns error
Solution 1
This may not actually be a problem with looking up the keyserver, which is what the error suggests. The apt-key command calls gpg, which in turn tries to access the keyserver. Apparently there's a bug in gpg whereby if the keyserver doesn't have the key you are requesting, then gpg misinterprets that as "host not found".
It may well be that a non-responsive keyserver will do the same thing, and I have seen environments where the keyservers are blocked (corporate firewall rules), so that could be your root cause if there is an upstream firewall you do not have access to.
Just for reference, the key is there and the keyserver is currently responding for me:
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /tmp/tmp.rh1myoBdSE --trustdb-name /etc/apt//trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv 7F0CEB10
gpg: requesting key 7F0CEB10 from hkp server keyserver.ubuntu.com
gpg: key 7F0CEB10: "Richard Kreuter <[email protected]>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
It may be that the port is the issue (it was the last time when I hit a corporate firewall problem), so try doing this on the standard HTTP port (80) instead, see if that sorts things out:
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
Solution 2
If you are using a proxy, for example company's proxy then probably the only way is to enter this manually, which is pretty straight forward. Run:
sudo apt-get update
and get the id of the pub_key.
Then go to http://keyserver.ubuntu.com/ and search for the key as a hexidecimal, for example if the key is 7936A783B, then search for 0x7936A783B.
Click on the pup link and copy the keys content and save it to a txt file.
Go to terminal and navigate to the file and run:
sudo apt-key add key.txt
If it works, you will get a simple OK feedback.
When all keys are added, then you may run:
sudo apt-get update
and there you have it!
Solution 3
I faced the same issue as my machine is behind a corporate proxy. Adding the gpg --keyserver-option http-proxy made the trick. Looks like:
sudo apt-key adv --keyserver-options http-proxy=<myProxy> --keyserver keyserver.ubuntu.com --recv 7F0CEB10
Solution 4
(CORRECT) sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv FDC247B7
(WRONG) sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-key FDC247B7
Related videos on Youtube
10 : 31
02 : 50
03 : 53
10 : 42
04 : 52
nyamka
Updated on September 18, 2022Comments
-
nyamka over 1 year
I'm trying to install Mongodb on Ubuntu 12 but when I run this command:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 7F0CEB10
This returned the error below:keyserver.ubuntu.com host not found
gpgkeys: HTTP fetch error 7: couldn't connect: no such file or directory
gpg:no valid openPGP data found
gpg: Total number processes :0I turned off Firewall on Iptables, but it don't work. Is there any idea?
-
Xyon almost 11 yearsCan your system resolve keyserver.ubuntu.com as an IP address? I.e, what's the output of
dig keyserver.ubuntu.com?
-
-
Moraru Lilian about 8 yearsThanks! Good that I didn't stop reading at the top...
-
Bill.Zhuang over 7 years"doing this on the standard HTTP port (80) instead" is nice tricky! tks
-
sxc731 about 7 yearsThis is neat; it's also possible to use the URL you obtain verbatim with
apt-keyas follows:apt-key adv --fetch-keys http://keyserver.ubuntu.com/pks/lookup?op=get&search=0xD6ACA1C817B18ABC -
Adam Katz over 5 years@sxc731 – The
apt-keyman page says: “Note that there are no checks performed, so it is easy to completely undermine the apt-secure(8) infrastructure if used without care.” This means you really don't want to do that without SSL. Change that to--fetch-keys https://…and you should be reasonably safe. -
sxc731 over 5 years@AdamKatz very good point, thanks. Unfortunately I can't edit my comment to apply your suggestion but upvoted anyway...
-
Adam Katz over 5 yearsWarning: without SSL, you could potentially be hit by a MitM attack that serves you a key whose fingerprint has the same final eight characters (example attacking key). Such a key may not even be shared publicly, so you'd never know you were pwned. To prevent such an attack from publicly shared keys, Debian's keyserver has a policy stating “only keys in the Debian keyrings … will be returned by this server”
-
miguelmorin over 5 yearsThe
--fetch-keysoption failed for me with error:https://keyserver.ubuntu.com/pks/lookup?op=get gpgkeys: protocolhttps' not supported gpg: no handler for keyserver schemehttps' gpg: WARNING: unable to fetch URI https://keyserver.ubuntu.com/pks/lookup?op=get: keyserver error -
Miguel Ortiz about 5 yearsThanks, exactly what I was looking for. -
Colin 't Hart about 3 yearsHow does this help? Seems to me to be very dangerous to import keys from a random source on the internet.
-
Kele Huang about 3 yearsThis import a definitely useful PGP signature, which is posted here "aur.archlinux.org/packages/linux-fix_navi_reset".
-
0xC0000022L almost 3 yearsLinks tend to go stale, so an excerpt of the information from a linked article should be included.
