自 2022 年 11 月 19 日起,Debian 8 上的 apt-get update 在运行 apt-get update 时出现以下错误/警告:
W: GPG error: http://archive.debian.org jessie Release:
The following signatures were invalid: KEYEXPIRED 1587841717
我的 /etc/apt/sources.list 的内容:
deb http://archive.debian.org/debian/ jessie main contrib non-free
deb http://deb.freexian.com/extended-lts jessie-lts main contrib non-free
过期的密钥:
apt-key list
/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg
pub 4096R/2B90D010 2014-11-21 [expired: 2022-11-19]
uid Debian Archive Automatic Signing Key (8/jessie) <[email protected]>
/etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg
pub 4096R/C857C906 2014-11-21 [expired: 2022-11-19]
uid Debian Security Archive Automatic Signing Key (8/jessie) <[email protected]>
我安装了 debian-archive-keyring 软件包。
我尝试使用以下方法更新密钥:
gpg --keyserver keyring.debian.org --recv-key 2B90D010
gpg --keyserver keyring.debian.org --recv-key C857C906
但是这些密钥在 keyring.debian.org 上似乎不为人所知:
gpg: requesting key 2B90D010 from hkp server keyring.debian.org
gpgkeys: key 2B90D010 can't be retrieved
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
gpg: requesting key C857C906 from hkp server keyring.debian.org
gpgkeys: key C857C906 can't be retrieved
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0`
所以我想我的问题是:
archive.debian.org 站点上的所有密钥均已过期。
apt-get update
和 apt-get install
时的警告?如果您在基于
debian:jessie
基础 docker 镜像的 Docker 镜像中遇到此错误,请将基础镜像更改为 debian/eol:jessie
基础 docker 镜像应该可以解决该问题。
对于问题 3,apt-get 选项 --allow-unauthenticated 可能是一种可能的解决方法,但我不会将其用作永久解决方案,因为它不安全。
你好! 对我有用的可能解决方案是:
wget http://http.us.debian.org/debian/pool/main/d/debian-archive-keyring/debian-archive-keyring_2023.4_all.deb
dpkg -i debian-archive-keyring_2023.4_all.deb