zsh-autosuggestions icon indicating copy to clipboard operation
zsh-autosuggestions copied to clipboard

Published 20 hours ago verified publisher icon zsh-users

An error occurred during the signature verification.

Open modem7 opened this issue 1 year ago • 27 comments

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease: The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project <shells:[email protected]>

Static hostname: Netboot
       Icon name: computer-container
         Chassis: container
      Machine ID: 7b708ae53aec432d9a1a11b27b7a7891
         Boot ID: 7b48c75bb0d24266bdc908133632662b
  Virtualization: lxc
Operating System: Ubuntu 22.04.4 LTS
          Kernel: Linux 6.5.13-1-pve
    Architecture: x86-64

modem7 avatar Mar 11 '24 02:03 modem7

I am getting similar issues with a package install:

Err:4 http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/Raspbian_11  InRelease
  The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project <shells:[email protected]>

/etc/apt/trusted.gpg.d/shells_zsh-users_zsh-autosuggestions.gpg
---------------------------------------------------------------
pub   rsa2048 2017-08-05 [SC] [expired: 2024-03-08]
      4919 522E 6859 A907 47C6  D97A 767B 5F35 0F20 116F
uid           [ expired] shells:zsh-users OBS Project <shells:[email protected]>

i tried deleting and re-adding the key but it still says expired

pdobrien3 avatar Mar 12 '24 18:03 pdobrien3

there is a similar closed issue but with the 19.04 version the solution involved using the 20.04 Key instead of the 19.04 because it was expired, projecting the same solution here i think we should use the 23.04 with 22.04 repository any opinions ? here is the closed issue #478

Mohamed2Sherif avatar Mar 15 '24 01:03 Mohamed2Sherif

my only issue is I use it on several different platforms (ubuntu, debian and Raspberry OS). To my knowledge, this won't be an all inclusive solution. Why has the key expired?

pdobrien3 avatar Mar 15 '24 11:03 pdobrien3

Similar here:W: GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 767B5F350F20116F E: The repository 'http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default.

marcossilvestrini avatar Mar 19 '24 12:03 marcossilvestrini

Similar here:W: GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 767B5F350F20116F E: The repository 'http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default.

just got the same error and cant find a way to fix it either

That1Panda avatar Mar 24 '24 03:03 That1Panda

Is the project dead or are the maintainers not interested in this issue?

The repository is not updated and the previous index files will be used. GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease: The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project shells:[email protected]

ARehmanMahi avatar Mar 24 '24 10:03 ARehmanMahi

Also having this issue.

itsagift avatar Mar 30 '24 14:03 itsagift

Same issue:

W: GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease: The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project <shells:[email protected]> E: The repository 'http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details.

Spoilage3785 avatar Mar 30 '24 20:03 Spoilage3785

Same issue: Err:4 http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project <shells:[email protected]> W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease: The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project <shells:[email protected]>

mhqmarques avatar Apr 01 '24 13:04 mhqmarques

same: W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-completions/xUbuntu_22.04 InRelease: The following signatures were invalid: EXPKEYSIG 9CBE063CAB8FE1F1 shells:zsh-users:zsh-completions OBS Project shells:zsh-users:[email protected] E: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-completions/xUbuntu_22.04 InRelease is not (yet) available (The following signatures were invalid: EXPKEYSIG 9CBE063CAB8FE1F1 shells:zsh-users:zsh-completions OBS Project shells:zsh-users:[email protected])

jmagar avatar Apr 01 '24 18:04 jmagar

same here... W: GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease: The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project <shells:[email protected]> E: The repository 'http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details.

MathoAvito avatar Apr 02 '24 14:04 MathoAvito

Same here too:

W: GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease: The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project <shells:[email protected]> E: The repository 'http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/xUbuntu_22.04 InRelease' is not signed.

bugraahmetcaglar avatar Apr 03 '24 19:04 bugraahmetcaglar

Same here

W: GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/Raspbian_9.0  InRelease: The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project <shells:[email protected]>
E: The repository 'http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/Raspbian_9.0  InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

geekyHat avatar Apr 08 '24 08:04 geekyHat

And not only for this project, but an array of zsh-users repos: W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-autosuggestions/Debian_11 InRelease: The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project <shells:[email protected]>

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-completions/Debian_11 InRelease: The following signatures were invalid: EXPKEYSIG 9CBE063CAB8FE1F1 shells:zsh-users:zsh-completions OBS Project <shells:zsh-users:[email protected]>

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-syntax-highlighting/Debian_11 InRelease: The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project <shells:[email protected]>

johncassil avatar Apr 18 '24 03:04 johncassil

Looks like the project maintainer needs to run the refresh_key build script located at https://build.opensuse.org/project/show/shells:zsh-users:zsh-autosuggestions

Pretty simple fix from what it looks like. @nicoulaj can you run that for us?

dragonfleas avatar Apr 26 '24 15:04 dragonfleas

@nicoulaj any chance you can run the refresh_key script to fix this?

ahashim avatar May 09 '24 15:05 ahashim

Same issue ++

AxoyTO avatar Jun 02 '24 09:06 AxoyTO

I don't know if this work but did someone try to add the debian repository ?

Mohamed2Sherif avatar Jun 05 '24 13:06 Mohamed2Sherif

chiming in also having this issue here.

jmerritt avatar Jun 24 '24 11:06 jmerritt

i encounter this error when trying sudo apt update in WSL 2

Hit:1 http://security.ubuntu.com/ubuntu jammy-security InRelease
Get:2 http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-syntax-highlighting/xUbuntu_22.04  InRelease [1579 B]
Hit:3 http://archive.ubuntu.com/ubuntu jammy InRelease
Err:2 http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-syntax-highlighting/xUbuntu_22.04  InRelease
  The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project <shells:[email protected]>
Hit:4 https://ppa.launchpadcontent.net/git-core/ppa/ubuntu jammy InRelease
Hit:5 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:6 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
Get:7 https://repo.fig.io/apt stable InRelease [2438 B]
Reading package lists... Done
W: GPG error: http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-syntax-highlighting/xUbuntu_22.04  InRelease: The following signatures were invalid: EXPKEYSIG 767B5F350F20116F shells:zsh-users OBS Project <shells:[email protected]>
E: The repository 'http://download.opensuse.org/repositories/shells:/zsh-users:/zsh-syntax-highlighting/xUbuntu_22.04  InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

tempewda avatar Jun 27 '24 14:06 tempewda

It is not a solution to the problem. But if you wanted to try it to see if you like it you can follow this: https://gist.github.com/dogrocker/1efb8fd9427779c827058f873b94df95

nck974 avatar Jul 08 '24 22:07 nck974

same issue. can't update to ubuntu 24 because of it.

davidysoards avatar Jul 16 '24 03:07 davidysoards

same issue. can't update to ubuntu 24 because of it.

Remove the repository.

mikocevar avatar Jul 16 '24 06:07 mikocevar

You can get the new signing key (expires 2026-05-04) from https://build.opensuse.org/projects/shells:zsh-users:zsh-autosuggestions/signing_keys You can download the key from the page or simply run this command: wget -qO- https://build.opensuse.org/projects/shells:zsh-users:zsh-autosuggestions/signing_keys/download\?kind\=gpg | sudo apt-key add -

Edit: and you probably have to delete the expired key first using sudo apt-key del 767B5F350F20116F

muddermanden avatar Aug 13 '24 09:08 muddermanden

You can get the new signing key (expires 2026-05-04) from https://build.opensuse.org/projects/shells:zsh-users:zsh-autosuggestions/signing_keys You can download the key from the page or simply run this command: wget -qO- https://build.opensuse.org/projects/shells:zsh-users:zsh-autosuggestions/signing_keys/download\?kind\=gpg | sudo apt-key add -

Edit: and you probably have to delete the expired key first using sudo apt-key del 767B5F350F20116F

If using gpg instead:

sudo rm /etc/apt/trusted.gpg.d/shells_zsh-users_zsh-autosuggestions.gpg # may be named differently depending on installation method
wget -qO- https://build.opensuse.org/projects/shells:zsh-users:zsh-autosuggestions/signing_keys/download\?kind\=gpg | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/shells_zsh-users_zsh-autosuggestions.gpg
sudo apt update

ahashim avatar Aug 13 '24 16:08 ahashim