In this post we are sharing the solution of a problem which we have encountered. While installing the packages through apt command in Ubuntu Operating System we found this problem – “gpg error the following signatures couldn’t be verified”.
What is GPG ?
GNU Privacy Guard (GPG) is a free and open source software for encryption and alternative to Symantec’s cryptographic suite PGP. You can encrypt, decrypt and sign the files and messages with the help of GPG.
What is the reason of GPG error on apt install ?
In this case, we are trying to install the package with the help of apt command. During installation the apt command will connect to apt repositories and it also check the file integrity. Due to lack of public key the GPG verification get broken while connecting to apt repository and hence we get this error.
Steps to solve GPG error
The solution of this problem is update the GPG key . In our scenario we got the problem while installing the package via apt. We are solving this error as per our scenario.
The given below is the error which we found on our server while installing HAProxy package, we have underlined the complete error:
GPG error: http://ppa.launchpad.net trusty InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 505D97A41C61B9CD .
In above you can see, the blue colored words.Actually, it is missing key looking by apt. In your case, the key may be different. You may have more than one key also which are missing.
Update GPG key
Use the given below command syntax. And replace ‘missing public key’ with your actual key info in below given syntax.
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys [missing public key]
For Example : Just like we have given ‘missing public key’ info in given below command line
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 505D97A41C61B9CD
Run apt update
Run the given below command to update the system repo information. This will update the key.
sudo apt-get update
Example from our system :
root@ip-10-0-0-190:~# apt-get update
Ign http://us-east-1.ec2.archive.ubuntu.com trusty InRelease
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates InRelease
Hit http://us-east-1.ec2.archive.ubuntu.com trusty Release.gpg
Hit http://us-east-1.ec2.archive.ubuntu.com trusty Release
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates/main Sources
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates/universe Sources
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates/main amd64 Packages
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates/universe amd64 Packages
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates/main Translation-en
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates/universe Translation-en
Hit http://us-east-1.ec2.archive.ubuntu.com trusty/main Sources
Hit http://us-east-1.ec2.archive.ubuntu.com trusty/universe Sources
Hit http://us-east-1.ec2.archive.ubuntu.com trusty/main amd64 Packages
Hit http://us-east-1.ec2.archive.ubuntu.com trusty/universe amd64 Packages
Hit http://us-east-1.ec2.archive.ubuntu.com trusty/main Translation-en
Hit http://us-east-1.ec2.archive.ubuntu.com trusty/universe Translation-en
Ign http://us-east-1.ec2.archive.ubuntu.com trusty/main Translation-en_US
Ign http://us-east-1.ec2.archive.ubuntu.com trusty/universe Translation-en_US
Get:1 http://ppa.launchpad.net trusty InRelease [15.4 kB]
Ign http://ppa.launchpad.net trusty InRelease
Ign http://ppa.launchpad.net trusty/main Sources/DiffIndex
Ign http://ppa.launchpad.net trusty/main amd64 Packages/DiffIndex
Hit http://ppa.launchpad.net trusty/main Translation-en
Hit http://ppa.launchpad.net trusty/main Sources
Hit http://ppa.launchpad.net trusty/main amd64 Packages
Ign http://ppa.launchpad.net trusty/main Translation-en_US
Hit http://security.ubuntu.com trusty-security InRelease
Get:2 http://security.ubuntu.com trusty-security/main Sources [101 kB]
Get:3 http://security.ubuntu.com trusty-security/universe Sources [31.9 kB]
Get:4 http://security.ubuntu.com trusty-security/main amd64 Packages [382 kB]
Get:5 http://security.ubuntu.com trusty-security/universe amd64 Packages [120 kB]
Hit http://security.ubuntu.com trusty-security/main Translation-en
Hit http://security.ubuntu.com trusty-security/universe Translation-en
Fetched 651 kB in 15s (42.2 kB/s)
Reading package lists... Done
W: GPG error: http://ppa.launchpad.net trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 505D97A41C61B9CD
root@ip-10-0-0-190:~# ls /etc/apt/
apt.conf.d preferences.d sources.list sources.list.d trusted.gpg trusted.gpg.d
root@ip-10-0-0-190:~# ls /etc/apt/trusted.gpg
/etc/apt/trusted.gpg
root@ip-10-0-0-190:~# ls /etc/apt/trusted.gpg.d/
root@ip-10-0-0-190:~# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 505D97A41C61B9CD
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.4uI8adxCEb --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys 505D97A41C61B9CD
gpg: requesting key 1C61B9CD from hkp server keyserver.ubuntu.com
gpg: key 1C61B9CD: public key "Launchpad PPA for Vincent Bernat" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
root@ip-10-0-0-190:~# apt-get update
Ign http://us-east-1.ec2.archive.ubuntu.com trusty InRelease
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates InRelease
Hit http://us-east-1.ec2.archive.ubuntu.com trusty Release.gpg
Hit http://us-east-1.ec2.archive.ubuntu.com trusty Release
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates/main Sources
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates/universe Sources
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates/main amd64 Packages
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates/universe amd64 Packages
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates/main Translation-en
Hit http://us-east-1.ec2.archive.ubuntu.com trusty-updates/universe Translation-en
Hit http://us-east-1.ec2.archive.ubuntu.com trusty/main Sources
Hit http://us-east-1.ec2.archive.ubuntu.com trusty/universe Sources
Hit http://us-east-1.ec2.archive.ubuntu.com trusty/main amd64 Packages
Hit http://us-east-1.ec2.archive.ubuntu.com trusty/universe amd64 Packages
Hit http://us-east-1.ec2.archive.ubuntu.com trusty/main Translation-en
Hit http://us-east-1.ec2.archive.ubuntu.com trusty/universe Translation-en
Ign http://us-east-1.ec2.archive.ubuntu.com trusty/main Translation-en_US
Ign http://us-east-1.ec2.archive.ubuntu.com trusty/universe Translation-en_US
Hit http://security.ubuntu.com trusty-security InRelease
Get:1 http://ppa.launchpad.net trusty InRelease [15.4 kB]
Hit http://security.ubuntu.com trusty-security/main Sources
Get:2 http://ppa.launchpad.net trusty/main Sources [1,461 B]
Hit http://security.ubuntu.com trusty-security/universe Sources
Hit http://security.ubuntu.com trusty-security/main amd64 Packages
Get:3 http://ppa.launchpad.net trusty/main amd64 Packages [1,801 B]
Hit http://security.ubuntu.com trusty-security/universe amd64 Packages
Get:4 http://ppa.launchpad.net trusty/main Translation-en [1,306 B]
Hit http://security.ubuntu.com trusty-security/main Translation-en
Hit http://security.ubuntu.com trusty-security/universe Translation-en
Fetched 20.0 kB in 1s (10.2 kB/s)
Reading package lists... Done
root@ip-10-0-0-190:~#
FAQ
Is GPG free or commercial.
GPG is free and open source encryption software.
Do this error ‘gpg error the following signatures couldn’t be verified’ occur only on Ubuntu?
No, it is not specific to any operating system. Basically where we use the GPG the possibility of this error could occur there
