"no public key available" on apt-get update

Question

"no public key available" on apt-get update

When performing apt-get update, I get the following error:

root@ADS3-Debian6:/home/aluno# apt-get update
Atingido http://sft.if.usp.br squeeze Release.gpg
Ign http://sft.if.usp.br/debian/ squeeze/contrib Translation-en
Ign http://sft.if.usp.br/debian/ squeeze/contrib Translation-pt
Ign http://sft.if.usp.br/debian/ squeeze/contrib Translation-pt_BR

(…)

Obter:10 http://security.debian.org squeeze/updates/non-free i386 Packages [14 B]
Baixados 612 kB em 4s (125 kB/s)                    
Lendo listas de pacotes... Pronto
There is no public key available for the following key IDs: 8B48AD6246925553

Asked By: That Brazilian Guy

||

Source

Answer 1

I recommend that you follow @mariotomo’s answer rather than the steps below!

According to There is no public key available for the following key ID, this will fix it:

sudo aptitude install debian-archive-keyring

References

Debian Public Keys Error 2

Answered By: That Brazilian Guy

Answer 2

As an alternative:

$ sudo apt-get install debian-keyring debian-archive-keyring
$ sudo apt-key update

Answered By: abdiansah.wordpress.com

Answer 3

The other answers will work, or not, depending on whether or not the key ‘8B48AD6246925553’ is present in the packages they indicate.

If you need a key, you have to get that key, and where to find it, it’s in a key server (very probably any key server will do):

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553

Answered By: mariotomo

Answer 4

I recommend:

$ sudo apt-get install debian-archive-keyring
$ sudo apt-key update

This is better than other approaches because it does not install debian-keyring, which is big and 99% of the time unnecessary.

Answered By: Greg Alexander

Answer 5

The error There is no public key available for the following key IDs indicates a serious security issue: an operating-system package cannot be checked for integrity with its public key, because its public key is missing.

If the message were:

There is no public key available for the following key IDs: 1397BC53640DB551

You can use this command to find out which repository uses the key:

for n in `ls /var/lib/apt/lists/*gpg`; do echo "$n" ; gpg --list-packets "$n" | grep 1397BC53640DB551; done

Which in this example is the Google’s repository for Chrome:

/var/lib/apt/lists/dl.google.com_linux_chrome_deb_dists_stable_Release.gpg

If you trust Google, its government, etc., you should find out where the key is and add it with:

wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -

Answered By: Ivan Ogai

Answer 6

My answer is a slight upgrade (IMHO, YMMV) on @mariotomo (who I upvoted) in the following bash scriptlet

also uses gpg
parameterizes more
(also uses a different keyserver, though in this case I suspect it makes little difference)

You can also comment-out the eval line for a “dry-run”: the scriptlet will then only show you what it intends to do, without actually doing it. Just be sure to change the value of NO_PUBKEY every time you use this (you can also change KEYSERVER as desired):

NO_PUBKEY='1397BC53640DB551' # CHANGE TO THE VALUE CITED IN YOUR ERROR MESSAGE!
KEYSERVER='keys.gnupg.net'

NO_PUBKEY_LEN="${#NO_PUBKEY}"
echo "NO_PUBKEY_LEN='${NO_PUBKEY_LEN}'"     # for sanity or debugging
# note following works because bash arrays have 0-based indices
NO_PUBKEY_2ND_HALF_START=$(( NO_PUBKEY_LEN/2 ))
echo "NO_PUBKEY_2ND_HALF_START='${NO_PUBKEY_2ND_HALF_START}'" # ditto
NO_PUBKEY_2ND_HALF="${NO_PUBKEY:${NO_PUBKEY_2ND_HALF_START}}"
echo "NO_PUBKEY_2ND_HALF='${NO_PUBKEY_2ND_HALF}'"             # ditto

for CMD in 
  'date' 
  "gpg --keyserver ${KEYSERVER} --recv-keys ${NO_PUBKEY_2ND_HALF}" 
  'date' 
  "gpg -a --export ${NO_PUBKEY_2ND_HALF} | sudo apt-key add -" 
; do
  echo -e "${CMD}"
  eval "${CMD}"
done

Answered By: TomRoche

Answer 7

I faced the same problem in Linux Mint (Kernel Version 3.13.0-24) and I was able to solve it using the commands :

gpg --recv-keys <the-reported-key>

gpg --export <the-reported-key> | apt-key add -

Points to be noted:

1) The commands were executed in order
2) The commands were exectued as root user

Courtesy this answer.

Answered By: Ankur Kumar

Answer 8

This worked for me:

Quick remedy:

sudo rm -f /etc/apt/trusted.gpg

(Source)

Answered By: Jakob

Answer 9

Run killall -q gpg-agent if the other solutions do not work. It may work.

I was getting a similar error for a PPA repository on Ubuntu 18.04 and after trying various solutions on the internet for the last month, I just stumbled on the gpg-agent and killed it. Then the PPA repositries started to update on doing sudo apt-get update. I know it may compromise security, but sometimes you need a package from a PPA, and GPG just doesn’t let you. Later, you start the gpg-agent again, and things go back to normal.

Answered By: MSharq

Answer 10

I just ran into this issue while trying to update a desktop box with a horrible case of laziness-induced installation cobwebs, and fixed it by using my web browser to save the latest available version of the debian-archive-keyring package from https://packages.debian.org/sid/debian-archive-keyring into /tmp, then hand-installing it with dpkg -i /tmp/debian-archive-keyring*.deb.

This procedure is very simple, not subject to tampering via MITM attacks, and the download and installation steps can be done on separate machines if the target machine’s cobwebs are bad enough to require that.

Answered By: flabdablet