"no public key available" on apt-get update

When performing apt-get update, I get the following error:

root@ADS3-Debian6:/home/aluno# apt-get update
Atingido http://sft.if.usp.br squeeze Release.gpg
Ign http://sft.if.usp.br/debian/ squeeze/contrib Translation-en
Ign http://sft.if.usp.br/debian/ squeeze/contrib Translation-pt
Ign http://sft.if.usp.br/debian/ squeeze/contrib Translation-pt_BR


Obter:10 http://security.debian.org squeeze/updates/non-free i386 Packages [14 B]
Baixados 612 kB em 4s (125 kB/s)                    
Lendo listas de pacotes... Pronto
There is no public key available for the following key IDs: 8B48AD6246925553

I recommend that you follow @mariotomo’s answer rather than the steps below!

According to There is no public key available for the following key ID, this will fix it:

sudo aptitude install debian-archive-keyring


Answered By: That Brazilian Guy

As an alternative:

$ sudo apt-get install debian-keyring debian-archive-keyring
$ sudo apt-key update

The other answers will work, or not, depending on whether or not the key ‘8B48AD6246925553’ is present in the packages they indicate.

If you need a key, you have to get that key, and where to find it, it’s in a key server (very probably any key server will do):

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553
Answered By: mariotomo

I recommend:

$ sudo apt-get install debian-archive-keyring
$ sudo apt-key update

This is better than other approaches because it does not install debian-keyring, which is big and 99% of the time unnecessary.

Answered By: Greg Alexander

The error There is no public key available for the following key IDs indicates a serious security issue: an operating-system package cannot be checked for integrity with its public key, because its public key is missing.

If the message were:

There is no public key available for the following key IDs: 1397BC53640DB551

You can use this command to find out which repository uses the key:

for n in `ls /var/lib/apt/lists/*gpg`; do echo "$n" ; gpg --list-packets "$n" | grep 1397BC53640DB551; done

Which in this example is the Google’s repository for Chrome:


If you trust Google, its government, etc., you should find out where the key is and add it with:

wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add -
Answered By: Ivan Ogai

My answer is a slight upgrade (IMHO, YMMV) on @mariotomo (who I upvoted) in the following bash scriptlet

  • also uses gpg
  • parameterizes more
  • (also uses a different keyserver, though in this case I suspect it makes little difference)

You can also comment-out the eval line for a “dry-run”: the scriptlet will then only show you what it intends to do, without actually doing it. Just be sure to change the value of NO_PUBKEY every time you use this (you can also change KEYSERVER as desired):


echo "NO_PUBKEY_LEN='${NO_PUBKEY_LEN}'"     # for sanity or debugging
# note following works because bash arrays have 0-based indices
echo "NO_PUBKEY_2ND_HALF='${NO_PUBKEY_2ND_HALF}'"             # ditto

for CMD in 
  "gpg --keyserver ${KEYSERVER} --recv-keys ${NO_PUBKEY_2ND_HALF}" 
  "gpg -a --export ${NO_PUBKEY_2ND_HALF} | sudo apt-key add -" 
; do
  echo -e "${CMD}"
  eval "${CMD}"
Answered By: TomRoche

I faced the same problem in Linux Mint (Kernel Version 3.13.0-24) and I was able to solve it using the commands :

gpg --recv-keys <the-reported-key>

gpg --export <the-reported-key> | apt-key add -

Points to be noted:

1) The commands were executed in order
2) The commands were exectued as root user

Courtesy this answer.

Answered By: Ankur Kumar

This worked for me:

Quick remedy:

sudo rm -f /etc/apt/trusted.gpg


Answered By: Jakob

Run killall -q gpg-agent if the other solutions do not work. It may work.

I was getting a similar error for a PPA repository on Ubuntu 18.04 and after trying various solutions on the internet for the last month, I just stumbled on the gpg-agent and killed it. Then the PPA repositries started to update on doing sudo apt-get update. I know it may compromise security, but sometimes you need a package from a PPA, and GPG just doesn’t let you. Later, you start the gpg-agent again, and things go back to normal.

Answered By: MSharq

I just ran into this issue while trying to update a desktop box with a horrible case of laziness-induced installation cobwebs, and fixed it by using my web browser to save the latest available version of the debian-archive-keyring package from https://packages.debian.org/sid/debian-archive-keyring into /tmp, then hand-installing it with dpkg -i /tmp/debian-archive-keyring*.deb.

This procedure is very simple, not subject to tampering via MITM attacks, and the download and installation steps can be done on separate machines if the target machine’s cobwebs are bad enough to require that.

Answered By: flabdablet
Categories: Answers Tags:
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.