Tuesday, 5 August 2008

apt-get update GPG errors

I have a small network and I use apt-cacher as an apt proxy to save having to download the same thing multiple times. I also use an unofficial Ubuntu mirror that my ISP provides because I am on a capped plan and use of their repository does not count towards my downloads.

Unfortunately I have an occasional problem where aptitude decides that my GPG key is bad and I get errors like this on my local proxy;

W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used.GPG error: http://apt-proxy hardy-backports Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key

Now, I'm not sure whether the problem is with my local proxy or the ISP's mirror but to fix it I need to issue the following command;

sudo apt-get update -o Acquire::BrokenProxy=true

Everything should be OK from there. If you still have problems, I have also sometimes found that if 'sudo apt-get update' fails, using 'sudo aptitude update' instead works.

I have no idea why.


DaveMc said...

Seems the version of apt-cacher with Hardy is ancient, and the above problem is widely reported.

Until a backport is done, you need a newer version of apt-cacher from here

Brett said...

Thanks DaveMc!

After upgrading to Jaunty apt-cacher had become totally unusable forcing a migration to apt-cacher-ng as you suggested.

I wrote about it here