aptly
aptly copied to clipboard
aptly-dev
Using gpg2, getting error "Can't check signature: public key not found "
Trying to use aptly with keyrings generated with the current version of gpg in Debian bullseye fails with semi-obscure gpg errors.
Detailed description
This is Debian bug #1005289 (https://bugs.debian.org/#1005289).
gpgv: Signature made Sat 18 Dec 2021 11:39:50 CET using RSA key ID 22F3D138
gpgv: [don't know]: invalid packet (ctb=00)
gpgv: keydb_search failed: invalid packet
gpgv: Can't check signature: public key not found
Context
This is mentioned in a couple of upstream bugs:
- #838
- #822
Given that gpg2 is the default version of gpg in Debian, this invalidates, for example, following the tutorial at https://www.aptly.info/tutorial/mirror.
Your Environment
Default setup on Debian bullseye.
I also just ran into this issue and found that aptly only supports gpg1.
In fact, I found that aptly supports gpg2:
- https://github.com/aptly-dev/aptly/pull/779
- https://github.com/aptly-dev/aptly/releases/tag/v1.4.0
Then, I found this option:
-keyring=trustedkeys.gpg: gpg keyring to use when verifying Release file (could be specified multiple times)
https://www.aptly.info/doc/aptly/mirror/create/
So I use:
aptly mirror create -architectures=amd64 -filter='Priority (required) | Priority (important) | Priority (standard)' -keyring=~/.gnupg/pubring.kbx sid-main http://deb.debian.org/debian/ sid main
Now it seems to be working properly:
Mirror [sid-main]: http://deb.debian.org/debian/ sid successfully added.
You can run 'aptly mirror update sid-main' to download repository contents.
