Problema com o gpg ao usar o apt

3

Estou coçando a cabeça para encontrar uma maneira de corrigir as coisas quebradas do gpg em apt .

Quando tento instalar o Nodejs:

curl -sL https://deb.nodesource.com/setup_7.x | sudo -E bash -
sudo apt-get install -y nodejs

Eu recebo este erro:

## You seem to be using Debian version stretch.
## This maps to Debian "jessie"... Adjusting for you...

## Confirming "jessie" is supported...

+ curl -sLf -o /dev/null 'https://deb.nodesource.com/node_7.x/dists/jessie/Release'

## Adding the NodeSource signing key to your keyring...

+ curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -
gpg: [don't know]: invalid packet (ctb=00)
gpg: keydb_get_keyblock failed: Valeur non trouvée
gpg: [don't know]: invalid packet (ctb=00)
gpg: /tmp/apt-key-gpghome.ix2LFsfXOw/pubring.gpg: copy to '/tmp/apt-key-gpghome.ix2LFsfXOw/pubring.gpg.tmp' failed: Paquet incorrect
gpg: error writing keyring '/tmp/apt-key-gpghome.ix2LFsfXOw/pubring.gpg': Paquet incorrect
gpg: [don't know]: invalid packet (ctb=00)
gpg: error reading '-': Paquet incorrect
gpg: import from '-' failed: Paquet incorrect
Error executing command, exiting

Eu uso um Debian stretch rc2 com o kernel 10.5. Não sei se é o problema ou não. Eu não posso usar a versão estável do debian porque estou rodando em um processador Ryzen.

Quando tento instalar o VSCode, também recebo outro erro:

W: Erreur de GPG : http://packages.microsoft.com/repos/vscode stable InRelease : Les signatures suivantes n'ont pas pu être vérifiées car la clé publique n'est pas disponible : NO_PUBKEY EB3E94ADBE1229CF
W: The repository 'http://packages.microsoft.com/repos/vscode stable InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Alguma ideia?

[EDITAR] Esta é minha source.list

deb http://ftp.univ-pau.fr/linux/mirrors/debian/ stretch main non-free contrib 
deb-src http://ftp.univ-pau.fr/linux/mirrors/debian/ stretch main non-free contrib 

deb http://security.debian.org/debian-security/ stretch/updates main contrib non-free 
deb-src http://security.debian.org/debian-security/ stretch/updates main contrib non-free 

# stretch-updates, previously known as 'volatile'
deb http://ftp.univ-pau.fr/linux/mirrors/debian/ stretch-updates main contrib non-free 
deb-src http://ftp.univ-pau.fr/linux/mirrors/debian/ stretch-updates main contrib non-free 

# stretch-backports, previously on backports.debian.org
deb http://ftp.univ-pau.fr/linux/mirrors/debian/ stretch-backports main contrib non-free 
deb-src http://ftp.univ-pau.fr/linux/mirrors/debian/ stretch-backports main contrib non-free 

# deb [arch=amd64] https://download.docker.com/linux/debian/ stretch stable 
# deb-src [arch=amd64] https://download.docker.com/linux/debian/ stretch stable 
deb http://www.deb-multimedia.org/ stretch main non-free 
deb [arch=amd64] http://packages.microsoft.com/repos/vscode stable main
    
por Scandinave 08.04.2017 / 11:14

1 resposta

0

Eu entendo que essa é uma pergunta antiga e pode ser superada por eventos (OBE) ... No entanto ...

Parece que existem alguns problemas que coincidentemente ocorreram simultaneamente.

Problema 1: Nodejs repo chaves públicas de GPG

Eu não tive nenhum problema para baixar as chaves, então talvez o repositório estivesse com problemas de conectividade ou alguma outra falha naquele dia em particular.

Aqui está o meu teste de leitura das chaves públicas de repo:

$ curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key |gpg --list-packets

# off=0 ctb=99 tag=6 hlen=3 plen=525
:public key packet:
    version 4, algo 1, created 1402676406, expires 0
    pkey[0]: [4096 bits]
    pkey[1]: [17 bits]
    keyid: 1655A0AB68576280
# off=528 ctb=b4 tag=13 hlen=2 plen=31
:user ID packet: "NodeSource <[email protected]>"
# off=561 ctb=89 tag=2 hlen=3 plen=568
:signature packet: algo 1, keyid 1655A0AB68576280
    version 4, created 1402676406, md5len 0, sigclass 0x13
    digest algo 2, begin of digest 74 e6
    hashed subpkt 2 len 4 (sig created 2014-06-13)
    hashed subpkt 27 len 1 (key flags: 03)
    hashed subpkt 11 len 5 (pref-sym-algos: 9 8 7 3 2)
    hashed subpkt 21 len 5 (pref-hash-algos: 8 2 9 10 11)
    hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
    hashed subpkt 30 len 1 (features: 01)
    hashed subpkt 23 len 1 (keyserver preferences: 80)
    subpkt 16 len 8 (issuer key ID 1655A0AB68576280)
    data: [4095 bits]
# off=1132 ctb=b9 tag=14 hlen=3 plen=525
:public sub key packet:
    version 4, algo 1, created 1402676406, expires 0
    pkey[0]: [4096 bits]
    pkey[1]: [17 bits]
    keyid: 6C5CDECAAA01DA2C
# off=1660 ctb=89 tag=2 hlen=3 plen=543
:signature packet: algo 1, keyid 1655A0AB68576280
    version 4, created 1402676406, md5len 0, sigclass 0x18
    digest algo 2, begin of digest 83 d0
    hashed subpkt 2 len 4 (sig created 2014-06-13)
    hashed subpkt 27 len 1 (key flags: 0C)
    subpkt 16 len 8 (issuer key ID 1655A0AB68576280)
    data: [4096 bits]

Problema 2: chaves públicas do Microsoft repo GPG

O problema aqui é que as chaves públicas da Microsoft estão localizadas em um diretório separado no servidor de repo da Microsoft.

Eu encontrei o arquivo de chave em:

link

Aqui está o meu teste de leitura das chaves públicas de repo da Microsoft:

$ curl -s https://packages.microsoft.com/keys/microsoft.asc |gpg --list-packets
# off=0 ctb=99 tag=6 hlen=3 plen=269
:public key packet:
    version 4, algo 1, created 1446074508, expires 0
    pkey[0]: [2048 bits]
    pkey[1]: [17 bits]
    keyid: EB3E94ADBE1229CF
# off=272 ctb=b4 tag=13 hlen=2 plen=55
:user ID packet: "Microsoft (Release signing) <[email protected]>"
# off=329 ctb=89 tag=2 hlen=3 plen=309
:signature packet: algo 1, keyid EB3E94ADBE1229CF
    version 4, created 1446074508, md5len 0, sigclass 0x13
    digest algo 2, begin of digest 1a 9b
    hashed subpkt 2 len 4 (sig created 2015-10-28)
    hashed subpkt 27 len 1 (key flags: 03)
    hashed subpkt 11 len 5 (pref-sym-algos: 9 8 7 3 2)
    hashed subpkt 21 len 3 (pref-hash-algos: 2 8 3)
    hashed subpkt 22 len 2 (pref-zip-algos: 2 1)
    hashed subpkt 30 len 1 (features: 01)
    hashed subpkt 23 len 1 (keyserver preferences: 80)
    subpkt 16 len 8 (issuer key ID EB3E94ADBE1229CF)
    data: [2047 bits]

Problema 3: Falta de barra no repo URL

Há uma barra em falta na sua linha /etc/apt/sources.list para o repo da Microsoft.

Esta linha:

deb [arch=amd64] http://packages.microsoft.com/repos/vscode stable main

Deve ser:

deb [arch=amd64] http://packages.microsoft.com/repos/vscode/ stable main

Solução completa

  1. Volte a tentar instalar nodejs
  2. Adicione a barra em falta em /etc/apt/sources.list
  3. Faça o download e adicione as chaves de assinatura do repo da Microsoft:

curl -s https://packages.microsoft.com/keys/microsoft.asc |apt-key add -

    
por 01.11.2018 / 15:30