Aviso do servidor Debian - pacotes não podem ser autenticados

Navegue suas respostas
0

Tentando atualizar um servidor Debian, recebi o seguinte aviso: 

WARNING: The following packages cannot be authenticated!
  e2fslibs e2fsprogs perl libperl5.20 perl-base perl-modules tar libapparmor1 libseccomp2 libsystemd0 libudev1 udev systemd ifupdown
  systemd-sysv libprocps3 procps libgpg-error0 libgcrypt20 libcomerr2 libss2 libssl-dev libssl1.0.0 git git-man libldap-common
  libldap-2.4-2 libcurl3-gnutls bash-completion libsqlite3-0 libfftw3-double3 libmagickwand-6.q16-2 libmagickcore-6.q16-2
  imagemagick-common curl libcurl3 libfastjson4 libglib2.0-0 liblognorm5 mysql-common libmysqlclient18 libpcap0.8 libpulse0 librbd1
  librados2 mosh rsyslog wget augeas-lenses ca-certificates-java dh-python htop libaugeas0 libcupsimage2 libcups2 libecj-java
  libglib2.0-data libnss-myhostname libtcnative-1 libtomcat8-java linux-libc-dev openssl python-pkg-resources python-pyinotify
  python3-pkg-resources shared-mime-info socat tmux tomcat8-common tomcat8
Install these packages without verification? [y/N] y
Get:1 http://ftp.fr.debian.org/debian/ jessie/main libboost-iostreams1.55.0 amd64 1.55.0+dfsg-3 [48.9 kB]
Get:2 http://ftp.debian.org/debian/ jessie-backports/main e2fslibs amd64 1.43.3-1~bpo8+1 [210 kB]
Get:3 http://ftp.fr.debian.org/debian/ jessie/main libboost-random1.55.0 amd64 1.55.0+dfsg-3 [30.3 kB]
Get:4 http://ftp.debian.org/debian/ jessie-backports/main e2fsprogs amd64 1.43.3-1~bpo8+1 [924 kB]
Get:5 http://ftp.debian.org/debian/ jessie-backports/main tar amd64 1.29b-1~bpo8+1 [752 kB]
Get:6 http://ftp.debian.org/debian/ jessie-backports/main libapparmor1 amd64 2.10.95-4~bpo8+2 [75.8 kB]

...etc

Eu vejo que nenhum https é usado. Essa é a questão aqui? Como posso resolver este problema?

Atualizar, conforme solicitado:

lista de apt-key: 

/etc/apt/trusted.gpg
--------------------
pub   1024D/BA684223 2012-02-08 [expired: 2017-04-19]
uid                  isv:ownCloud OBS Project <isv:[email protected]>

pub   2048R/557BEFF9 2016-09-25 [expires: 2018-12-04]
uid                  isv:ownCloud OBS Project <isv:[email protected]>

pub   2048R/479BC94B 2013-08-26 [expires: 2018-08-25]
uid                  ownCloud build service <obsrun@localhost>
sub   2048R/8DE365D9 2013-08-26 [expires: 2018-08-25]
sub   2048D/86EB6027 2013-08-26 [expires: 2018-08-25]
sub   2048g/1722EF54 2013-08-26 [expires: 2018-08-25]

/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg
----------------------------------------------------------
pub   4096R/2B90D010 2014-11-21 [expires: 2022-11-19]
uid                  Debian Archive Automatic Signing Key (8/jessie) <[email protected]>

/etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg
-------------------------------------------------------------------
pub   4096R/C857C906 2014-11-21 [expires: 2022-11-19]
uid                  Debian Security Archive Automatic Signing Key (8/jessie) <[email protected]>

/etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg
-------------------------------------------------------
pub   4096R/518E17E1 2013-08-17 [expires: 2021-08-15]
uid                  Jessie Stable Release Key <[email protected]>

/etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg
-----------------------------------------------------------
pub   4096R/F66AEC98 2017-05-22 [expires: 2025-05-20]
uid                  Debian Archive Automatic Signing Key (9/stretch) <[email protected]>
sub   4096R/B7D453EC 2017-05-22 [expires: 2025-05-20]

/etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg
--------------------------------------------------------------------
pub   4096R/8AE22BA9 2017-05-22 [expires: 2025-05-20]
uid                  Debian Security Archive Automatic Signing Key (9/stretch) <[email protected]>
sub   4096R/331F7F50 2017-05-22 [expires: 2025-05-20]

/etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg
--------------------------------------------------------
pub   4096R/1A7B6500 2017-05-20 [expires: 2025-05-18]
uid                  Debian Stable Release Key (9/stretch) <[email protected]>

/etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg
----------------------------------------------------------
pub   4096R/46925553 2012-04-27 [expires: 2020-04-25]
uid                  Debian Archive Automatic Signing Key (7.0/wheezy) <[email protected]>

/etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg
-------------------------------------------------------
pub   4096R/65FFB764 2012-05-08 [expires: 2019-05-07]
uid                  Wheezy Stable Release Key <[email protected]>
    
por SPRBRN 26.06.2018 / 14:24

1 resposta

2

I see that no https is used. Is that the issue here?

Não, os pacotes Debian são autenticados usando hashes assinados e não contam com a segurança do transporte.

How can I fix this problem?

Ao contrário do que eu comentei inicialmente, seu apt (e apt-get e aptitude , todos eles usam a mesma configuração de chave) é configurado corretamente, com as chaves apropriadas. Isso significa que ocorreu um erro durante a fase update ; apt teria reclamado sobre a impossibilidade de verificar um índice do repositório durante a atualização.

Você pode tentar apt update novamente; Se for bem-sucedido, tudo estará bem (a menos que os pacotes que você baixou nesse meio tempo tenham sido comprometidos), caso contrário, o erro deverá fornecer uma pista melhor sobre o que está acontecendo.

    
por 26.06.2018 / 14:53

Tags

converte despejo binário ncurses em texto Não é possível efetuar login se o shell estiver configurado para / usr / bin / bash