NO_PUBKEY 793FEB8BB69735B2. Vivaldi repository GPG error. The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 793FEB8BB69735B2

Debian Bullseye 11 and Ubuntu 22.04 will no longer use apt-key (apt-key deprecated) to manage the list of keys used by apt to authenticate packages. Therefore if you are using debian 10 testing (Bullseye) the standard procedure to import the Vivaldi specific repository key using apt-key will inevitably lead to the title warning.

# Import the Vivaldi repository signing key:
wget -qO- https://repo.vivaldi.com/stable/linux_signing_key.pub | sudo apt-key add -

To avoid the warning we can take the repository key in plain text format, convert it into binary gpg format and add it to the specific apt directory /etc/apt/trusted.gpg.d

curl -fsSL https://repo.vivaldi.com/stable/linux_signing_key.pub | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/bullseye-vivaldi pgdg.gpg > /dev/null


we can split the command into several lines for a better reading: :

curl -fsSL https://repo.vivaldi.com/stable/linux_signing_key.pub | 
gpg --dearmor | 
sudo tee /etc/apt/trusted.gpg.d/bullseye-vivaldi.gpg > 
/dev/null 
  • curl downloads the pub key ( plain text type ) of the Vivaldi apt repository
  • gpg –dearmor create a bynary gpg key
  • tee reads the standard input and writes it both as standard output and to the file ( /etc/apt/trusted.gpg.d/bullseye-vivaldi.gpg )
  • /dev/null avoid displaying the binary key on standard output

The Vivaldi keyring file in the trusted.gpg.d directory ( as desidered )

You can also use wget to download the key

wget --quiet -O - https://repo.vivaldi.com/stable/linux_signing_key.pub | 
gpg --dearmor | 
sudo tee /etc/apt/trusted.gpg.d/bullseye-pgdg.gpg > 
/dev/null 

To view the key in plain text just use the first part of the command:

wget -O- https://repo.vivaldi.com/stable/linux_signing_key.pub

-----BEGIN PGP PUBLIC KEY BLOCK----- mQINBF3Kxh8BEACWWRSZLDXqxs+iqzdFv/rNOaHMmOm740ZLa1rovnJXhJ6ygcyp dP+FNGjqz1s+FfKhrUuhnr8jKzAsIXZrEN/bD3M4qdKmb+I8UCvJqOWoDSXm2Ksl uTgI5AOwgloxYFZ6SIOHe6Du1NDJh5XR/tx+ts8WZ8OstjrqCLADxmh+hGIIzJ+G 
...
...

below it is the warning about Vivaldi’s apt repository in debian bullseys (debian 10 testing) using apt-key. The warning that occurs when launching apt update is reported in full..

...
...
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://repo.vivaldi.com/stable/deb stable Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 793FEB8BB69735B2
W: Failed to fetch http://repo.vivaldi.com/stable/deb/dists/stable/Release.gpg  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 793FEB8BB69735B2
W: Some index files failed to download. They have been ignored, or old ones used instead.
...
...

The warning is also preceded by the following error line :

Err:11 The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 793FEB8BB69735B2

Risorse:

apt-key deprecated: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 7FCC7D46ACCC4CF8

Le versioni 11 Bullseye di Debian e la 22.04 di Ubuntu non utilizzeranno più apt-key ( apt-key deprecated ) per gestire l’elenco delle chiavi usate da apt per autenticare i pacchetti. Pertanto se si utilizza debian 10 testing ( Bullseye ) la procedura standard per importare la key del repository specifico di postgresql che utilizza apt-key porterà inevitabilmente al warning del titolo.

# Import the repository signing key:
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -

Per evitare il warning possiamo prelevare la key del repository in formato .asc, conventirla in formato gpg binario e aggiungerla alla directory specifica di apt /etc/apt/trusted.gpg.d

curl -fsSL https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/bullseye-pgdg.gpg > /dev/null

scomponendo il comando su più righe per una migliore lettura :

curl -fsSL https://www.postgresql.org/media/keys/ACCC4CF8.asc | \
gpg --dearmor | \
sudo tee /etc/apt/trusted.gpg.d/bullseye-pgdg.gpg > \
/dev/null 
  • curl effettua il download della key .asc ( tipo testo ) del repository postgresql apt
  • gpg –dearmor crea un chiave gpg binaria
  • tee legge lo standard input e lo scrive sia standard output che sul file ( /etc/apt/trusted.gpg.d/bullseye-pgdg.gpg )
  • /dev/null evita la visualizzazione su standard output della key binaria

Il keyring file nella directory trusted.gpg.d come auspicato

Per il download della key si può anche utilizzare

wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc

di seguito il warning relativo al repository apt di postgresql in debian bullseys ( debian 10 testing ) utilizzando apt-key. Il warning che si presenta lanciando apt update è riportato integralmente.

...
...
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://apt.postgresql.org/pub/repos/apt bullseye-pgdg InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7FCC7D46ACCC4CF8
W: Failed to fetch http://apt.postgresql.org/pub/repos/apt/dists/bullseye-pgdg/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7FCC7D46ACCC4CF8
W: Some index files failed to download. They have been ignored, or old ones used instead.
...
...

Il warning è preceduto anche dalla seguente linea di errore:

Err:5 http://apt.postgresql.org/pub/repos/apt bullseye-pgdg InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7FCC7D46ACCC4CF8

Gli step per l’utilizzo del postgresql apt repository

# Create the file repository configuration:
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'

# Import the repository signing key:
wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -

# Update the package lists:
sudo apt-get update

Risorse: