apt-key gpg key import on Ubuntu and Debian

Should you need to download packages from a unofficial repository, you need not disable gpg signature verification. Instead, you can import the key used to sign the packages into your local keyring.

Of course, you may not know what key to fetch. That’s probably okay, as if the public portion of key is not explicitly divulged, it is probably in a key repository. If you can find the email address of the repository owner, that’s probably the piece of information you need to retrieve the key.

$ gpg --keyserver subkeys.pgp.net --search-keys jasonb@edseek.com
pg: searching for "jasonb@edseek.com" from hkp server subkeys.pgp.net
(1)     Jason Boxman 
          1024 bit DSA key 4BD9A338, created: 2002-12-06

Next, select the key that seems most appropriate. There may only be one, or one may mention repository signing key or something similar. When in doubt you can fetch all the keys. Next we must armor export the key.

$ gpg -a --output /tmp/pub.asc --export 4BD9A338

Finally, let us tell apt about the key.

$ sudo apt-key add /tmp/pub.asc && rm /tmp/pub.asc

Only perform the above action if you really trust the key. (And I do mean the key, as it ultimately is what is granted trust, not whoever purports to be its owner.)

# apt-get update

And you are on your way again!

5 Comments

  1. aceqbaceq
    Posted 4/30/2009 at 1:48 am | Permalink

    very big thank you man!

  2. Posted 6/30/2009 at 7:54 am | Permalink

    Thank you very very much!

  3. CHaoSlayeR
    Posted 8/29/2009 at 3:21 am | Permalink

    You can do this with a one-liner (for this we have to know the key, which is always provided for the repos):

    sudo apt-key adv –keyserver subkeys.pgp.net –recv-keys 4BD9A338

    C]-[aoZ

  4. CHaoSlayeR
    Posted 8/29/2009 at 3:23 am | Permalink

    ^^ replace — with 2x -

    (I hate software that thinks it is smarter than me)

  5. olafrv
    Posted 10/4/2009 at 8:03 am | Permalink

    gpg –recv-key DCF9F87B6DFBCBAE
    gpg –list-public-keys
    gpg –export 6DFBCBAE | apt-key add -

One Trackback

  1. By Navit PPA key « Functional and free on 5/3/2010 at 11:07 am

    [...] on how to add a certain key that provides authorization, but it didn’t work for me. I puzzled it to gether like [...]

Post a Comment

Your email is never shared. Required fields are marked *

*
*