Site icon Bytefreaks.net

Cannot update Kali Linux due to invalid signatures

Advertisements

We have this Kali live USB for a few months and it was not used in between. Yesterday, we tried to use it and noticed that we could not perform any updates as we were getting the following error:

The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>

The same stick was used in the past to create a native installation on a PC that had the same issue (because it was also not used for some time).

To fix the issue we had to get a fresh copy of the archive key for Kali repositories and import it into apt.
To do so, our one line solution was the following:


wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add;

To breakdown what the command is all about: we used wget, which is a non-interactive network retriever, to download the PGP public key for the Kali archives. Instead of saving the key as a file to the filesystem, we used the parameters -q and -O so that wget would be quiet and not create any output of its own and print the key on the terminal (using -O). Then we piped the key to apt-key add to add it to the system. After doing so, we were able to properly update the complete system using the following commands:


apt-get update && apt-get upgrade && apt-get dist-upgrade;

Below you will find our console logs:

root@kali:~# apt-get update && apt-get upgrade && apt-get dist-upgrade
Get:1 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling InRelease [30.5 kB]
Err:1 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling InRelease
The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>
Fetched 30.5 kB in 2s (10.5 kB/s)
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling InRelease: The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>
W: Failed to fetch http://http.kali.org/kali/dists/kali-rolling/InRelease The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists... Done
Building dependency tree 
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Reading package lists... Done
Building dependency tree 
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

root@kali:~# wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add
OK

root@kali:~# apt-get update && apt-get upgrade && apt-get dist-upgrade
Get:1 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling InRelease [30.5 kB]
Get:2 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/main amd64 Packages [16.2 MB]
Get:2 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/main amd64 Packages [16.2 MB] 
Get:3 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/non-free amd64 Packages [166 kB] 
Get:4 http://ftp.acc.umu.se/mirror/kali.org/kali kali-rolling/contrib amd64 Packages [99.0 kB] 
Fetched 451 kB in 1min 6s (6790 B/s) 
Reading package lists... Done
Reading package lists... Done
Building dependency tree 
Reading state information... Done
Calculating upgrade... Done

This post is also available in: Αγγλικα

Exit mobile version