7

I'm using Raspbian Jessie but there are a few packages I want that aren't available (but are in Debian Stretch repos). I want to temporarily use the Stretch repo to install them (and any otherwise-unsatisfied dependencies) but without making anything else come from there in the future.

I understand things might not work; etc.; I'm just trying something out on a throwaway install :)

I tried rigging some files (based on this answer) but I got this.. not sure a) how to fix it and b) whether I'm doing things the right way!

W: GPG error: http://ftp.uk.debian.org stretch InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010
Improve this question
9
  • More details would be helpful. You are presumably pulling stuff from the ARM arch of Stretch. What packages? And you are getting the gpg error because you don't have the public key, like the error says. Just install it,and the error will go away. apt-cache search debian keyring gives a bunch of choices. You want debian-archive-keyring. Commented Apr 3, 2016 at 17:52
  • Better using the backports deb http://http.debian.net/debian jessie-backports main Commented Apr 3, 2016 at 17:53
  • @RuiFRibeiro Depends whether they are available in backports. Commented Apr 3, 2016 at 17:54
  • @FaheemMitha I don't know how to "Just install the key" and I've failed at Googling to find out how :( One page suggested doing apt-get install debian-keychain which didn't appear to solve it Commented Apr 3, 2016 at 17:55
  • @RuiFRibeiro The package I want letsencrypt is indeed there; though I don't know the difference. Sounds like a better choice, but question remains, how can I get my Pi to use it? Commented Apr 3, 2016 at 17:55

4 Answers 4

Reset to default
9

As backports has letsencrypt, I recommend using jessie-backports as it brings less new/packages dependencies than drinking directly from stretch.

To use Jessie backports and install letsencrypt from it:

Add to /etc/apt/sources.list:

deb http://httpredir.debian.org/debian jessie-backports main contrib non-free

The run:

apt-get update

As for installing the key, I confirm you can do:

gpg --keyserver pgpkeys.mit.edu --recv-key 8B48AD6246925553 gpg -a --export 8B48AD6246925553 | sudo apt-key add -

and also with the key 7638D0442B90D010

gpg --keyserver pgpkeys.mit.edu --recv-key 7638D0442B90D010 gpg -a --export 7638D0442B90D010 | sudo apt-key add -

And finally to install letsencrypt:

apt-get install -t jessie-backports letsencrypt
Improve this answer
8
  • What do I need to do to trust that url? W: GPG error: http://http.debian.net jessie-backports InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010 Commented Apr 3, 2016 at 18:03
  • 1
    I saw this but the presence of a .mit.edu domain makes me wonder whether that's the right thing? (and I have two keys there?) Commented Apr 3, 2016 at 18:04
  • It is a key repository; I added it to the answer. Commented Apr 3, 2016 at 18:09
  • 2
    @DannyTuppeny pgpkeys.mit.edu is just a large, and standard, GPG repository. Everyone uses it. Commented Apr 3, 2016 at 18:46
  • 2
    pgpkeys.mit.edu should not be used directly as it may not always be available (as I found out recently). It is prefered to use the pool: hkp://pool.sks-keyservers.net:80 Commented Jun 7, 2019 at 9:08
2

For me, the easiest way was run:

aptitude install debian-keyring debian-archive-keyring

No more errors :)

Improve this answer
2
1

For some reason, the various combinations on this page didn't work for me. The steps that finally did were to download and install both up-to-date keyrings from the following locations:

https://deb.debian.org/debian/pool/main/d/debian-archive-keyring/ https://deb.debian.org/debian/pool/main/d/debian-keyring/

As an example (that will become invalid as the keyrings age out):

curl http://ftp.ca.debian.org/debian/pool/main/d/debian-keyring/debian-keyring_2021.03.24_all.deb > debian-keyring.deb dpkg -i debian-keyring.deb curl http://ftp.ca.debian.org/debian/pool/main/d/debian-archive-keyring/debian-archive-keyring_2021.1.1_all.deb > debian-archive-keyring.deb dpkg -i debian-archive-keyring.deb

Once that was done I was left with the following error:

W: GPG error: http://aptcache:3142 jessie Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7638D0442B90D010

So that was added with the following:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 7638D0442B90D010

Now I'm finally in a good spot. I struggled for quite awhile as my base debian-keyring was from 2015 and I hadn't noticed.

Improve this answer
0

I was only able to succeed after combining both Cristian Deluxe and Rui F Ribeiro answer. (I've mark their answered correct as it is their original work)

Append the following text to /etc/apt/sources.list

deb http://httpredir.debian.org/debian jessie-backports main contrib non-free

I had to install the debian-keyring and debian-archive-keyring

apt-get install -y debian-keyring debian-archive-keyring

Install the GPG keys.

gpg --keyserver pgpkeys.mit.edu --recv-key 8B48AD6246925553 gpg -a --export 8B48AD6246925553 | sudo apt-key add - gpg --keyserver pgpkeys.mit.edu --recv-key 7638D0442B90D010 gpg -a --export 7638D0442B90D010 | sudo apt-key add -

Finally performed the apt-get update

apt-get update

only after the above steps, could I perform the install of the packages in the backports.

[Further Edit] In some of my Raspbian boxes I got an error that dirmngr was not running. Fix that by doing the following

apt-get install -y dirmngr
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.