Sunday, November 22, 2009

GPG Error: ... : NO_PUBKEY D739676F7613768D

You run an apt-get update and it gives some errors which are difficult to comprehend. The output looks some like this

Fetched 924B in 2s (352B/s)
W: GPG error: http://ppa.launchpad.net karmic Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY D739676F7613768D
W: GPG error: http://ppa.launchpad.net karmic Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2836CB0A8AC93F7A
W: GPG error: http://ppa.launchpad.net karmic Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2836CB0A8AC93F7A


What to do... How to remove these errors. Well, some public keys are unavailable due to which these errors are happening. Ok, ok, but how to go about it? How do i fix it?

The easiest way is to get this script. The script does not enable the PPAs that are disabled. But for all enabled PPAs it fetches their keys and installs them

jayant@gamegeek:~/bin$ cat launchpad-update 
#! /bin/sh

# Simple script to check for all PPAs refernced in your apt sources and
# to grab any signing keys you are missing from keyserver.ubuntu.com.
# Additionally copes with users on launchpad with multiple PPAs
# (e.g., ~asac)
#
# Author: Dominic Evans https://launchpad.net/~oldman
# License: LGPL v2

for APT in `find /etc/apt/ -name *.list`; do
grep -o "^deb http://ppa.launchpad.net/[a-z0-9\-]\+/[a-z0-9\-]\+" $APT | while read ENTRY ; do
# work out the referenced user and their ppa
USER=`echo $ENTRY | cut -d/ -f4`
PPA=`echo $ENTRY | cut -d/ -f5`
# some legacy PPAs say 'ubuntu' when they really mean 'ppa', fix that up
if [ "ubuntu" = "$PPA" ]
then
PPA=ppa
fi
# scrape the ppa page to get the keyid
KEYID=`wget -q --no-check-certificate https://launchpad.net/~$USER/+archive/$PPA -O- | grep -o "1024R/[A-Z0-9]\+" | cut -d/ -f2`
sudo apt-key adv --list-keys $KEYID >/dev/null 2>&1
if [ $? != 0 ]
then
echo Grabbing key $KEYID for archive $PPA by ~$USER
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com $KEYID
else
echo Already have key $KEYID for archive $PPA by ~$USER
fi
done
done

echo DONE



Make the script executable

$ chmod a+x launchpad-update

And run the script

jayant@gamegeek:~/bin$ sudo ./launchpad-update 
Grabbing key 7613768D for archive vlc by ~c-korn
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --recv-keys --keyserver keyserver.ubuntu.com 7613768D
gpg: requesting key 7613768D from hkp server keyserver.ubuntu.com
gpg: key 7613768D: public key "Launchpad PPA named vlc for Christoph Korn" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
Already have key 4E5E17B5 for archive ppa by ~chromium-daily
Grabbing key 8AC93F7A for archive backports by ~kubuntu-ppa
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --recv-keys --keyserver keyserver.ubuntu.com 8AC93F7A
gpg: requesting key 8AC93F7A from hkp server keyserver.ubuntu.com
gpg: key 8AC93F7A: public key "Launchpad Kubuntu Updates" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
Already have key 8AC93F7A for archive staging by ~kubuntu-ppa
DONE



Thats it... Done...
Now if you run sudo apt-get update, you should not get any errors about PUBKEYs...

4 comments:

jdb2 said...

Works like a charm! -- That is, after I added single quotes around *.list -> '*.list' in

for APT in `find /etc/apt/ -name *.list`; do

;) ( I make this mistake all the time )

Enjoy the free beer! :)

cmcanulty said...

Can you explain how to run a script, I am getting tons of no public key errors with Ubuntu karmic but don't understand what to do with your script. I saved the file but now what? Thank you

Jayant Kumar said...

running the script is there in the blog itself. you will have to do.

chmod a+x launchpad-update
sudo ./launchpad-update

On the konsole...

Anonymous said...

Thanks a lot....it worked...
but still
i couldnt get this...only
W: GPG error: http://ppa.launchpad.net lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 2836CB0A8AC93F7A