GPGArchiveSignature
GPG Keys for APT repositories
This page is a stub at the moment. It is intended to furnish an explanation of what the GPG keys used by apt-get do and how they do it, so that people encountering problems are somewhat aided.
This wiki page is prompted by intermittent Ubuntu archive problems which mean that some users get the following nasty, indecipherable error message
W: GPG error: http://archive.ubuntu.com breezy-updates Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com> W: You may want to run apt-get update to correct these problems apt-key list output: /etc/apt/trusted.gpg -------------------- pub 1024D/437D05B5 2004-09-12 uid Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>sub 2048g/79164387 2004-09-12 pub 1024D/FBB75451 2004-12-30 uid Ubuntu CD Image Automatic Signing Key <cdimage@ubuntu.com>
The notion of GPG keys (and how to use them to upload packages to Ubuntu archives) is explained in GPGKey, but this does not tell us about the error message. A discussion of the problem has come up in bugzilla.
GPGArchiveSignature (last edited 2008-08-06 16:31:15 by localhost)