我使用的是 Ubuntu 22.04 系统,当我尝试运行时
sudo apt update
出现以下错误:
vijay@vijay-ThinkPad-E15-Gen-2:~$ sudo apt-get update
Get:1 file:/var/cuda-repo-ubuntu2004-11-2-local InRelease
Ign:1 file:/var/cuda-repo-ubuntu2004-11-2-local InRelease
Get:2 file:/var/cuda-repo-ubuntu2204-12-4-local InRelease [1,572 B]
Get:3 file:/var/cudnn-local-repo-ubuntu2204-9.0.0 InRelease [1,572 B]
Get:2 file:/var/cuda-repo-ubuntu2204-12-4-local InRelease [1,572 B]
Get:4 file:/var/cuda-repo-ubuntu2004-11-2-local Release [564 B]
Get:3 file:/var/cudnn-local-repo-ubuntu2204-9.0.0 InRelease [1,572 B]
Get:4 file:/var/cuda-repo-ubuntu2004-11-2-local Release [564 B]
Hit:6 https://deb.nodesource.com/node_18.x nodistro InRelease
Hit:7 https://packages.microsoft.com/repos/code stable InRelease
Err:6 https://deb.nodesource.com/node_18.x nodistro InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2F59B5F99B1BE0B4
Hit:8 https://dl.google.com/linux/chrome/deb stable InRelease
Hit:9 http://security.ubuntu.com/ubuntu jammy-security InRelease
Hit:10 http://in.archive.ubuntu.com/ubuntu jammy InRelease
Hit:11 http://in.archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:12 http://in.archive.ubuntu.com/ubuntu jammy-backports InRelease
Hit:13 https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu jammy InRelease
Reading package lists... Done
W: file:/var/cuda-repo-ubuntu2004-11-2-local/Release.gpg: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://deb.nodesource.com/node_18.x nodistro InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2F59B5F99B1BE0B4
W: Failed to fetch https://deb.nodesource.com/node_18.x/dists/nodistro/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2F59B5F99B1BE0B4
W: Some index files failed to download. They have been ignored, or old ones used instead.
我已检查以解决此问题,我得到了类似以下命令的解决方案:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 2F59B5F99B1BE0B4
执行结果如下:
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
Executing: /tmp/apt-key-gpghome.5riFaj3RU8/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 2F59B5F99B1BE0B4
gpg: key 2F59B5F99B1BE0B4: "NSolid <[email protected]>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
但这并没有解决问题。当我再次跑步时
sudo apt update
它抛出同样的错误。
我不知道如何解决这个问题。如何调试确切的问题。
我查找了有关此问题的更多信息,发现这篇文章我认为可能会解决您的第二个问题(apt-key)以最终解决您的第一个问题(签名验证问题)
我将在下面恢复该帖子的内容,尽管我鼓励您阅读该帖子,因为它解释了为什么
apt-key步骤如下:
wget https://host.domain.tld/path/to/<keyfile>.<ext>(不需要
-O>wget验证文件类型是否为“PGP 公钥块 Public-Key(旧)”: -
file <keyfile>.<ext>gpggpg --no-default-keyring --keyring ./temp-keyring.gpg --import <keyfile>.<ext>gpg --no-default-keyring --keyring ./temp-keyring.gpg --export --output <your-keyfile-name>.gpgrm temp-keyring.gpg现在您已经有了转换后的密钥,不要通过将其复制到
apt/etc/apt/trusted.gpg.d//etc/apt/keyrings/keyringsman 5 sources.list此时,什么都没有改变,并且
apt.list编辑文件
/etc/apt/sources.list.d/<example>.listdeb[signed-by=/etc/apt/keyrings/<your-keyfile-name>.gpg]现在 apt 将接受该存储库中所有软件包的密钥签名,并且仅该存储库。
备注:
如果您在
/etc/apt/trusted.gpg.d//etc/apt/keyrings/.listsigned-by如果您在
/etc/apt/trusted.gpg要将存储库的密钥从密钥服务器导入到独立文件:
gpg --no-default-keyring --keyring <output-file-name>.gpg --keyserver <some.keyserver.uri> --recv-keys <fingerprint>这应该给你一个 apt 无需转换即可接受的密钥。
Apt 仍然非常值得信任,恶意或受损的存储库可以轻松绕过此措施,因为软件包当前可以在其安装脚本中以 root 身份运行任意 shell 代码。不过,关闭一个攻击向量并没有什么坏处,而且其他方面正在(缓慢地)取得进展。
您可以选择使用单独的
Deb822.sources.list来源:
再次强调,这个答案来自这篇文章,希望它能解决您的问题。