[bareos-users] Re: Ubuntu 24.04 - Adding apt repositories fails

John Lockard Mon, 28 Oct 2024 13:02:59 -0700

The adding of the keyring is not the failure.  That adds just fine.  Try 
doing an 'apt update'


* Server certificate:
*  subject: CN=download.bareos.org
*  start date: Sep  3 21:23:43 2024 GMT
*  expire date: Dec  2 21:23:42 2024 GMT
*  subjectAltName: host "download.bareos.org" matched cert's 
"download.bareos.org"
*  issuer: C=US; O=Let's Encrypt; CN=R10
*  SSL certificate verify ok.
*   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), 
signed using sha256WithRSAEncryption
*   Certificate level 1: Public key type RSA (2048/112 Bits/secBits), 
signed using sha256WithRSAEncryption
*   Certificate level 2: Public key type RSA (4096/152 Bits/secBits), 
signed using sha256WithRSAEncryption
* using HTTP/1.x
} [5 bytes data]
> GET /current/xUbuntu_24.04/bareos-keyring.gpg HTTP/1.1
> Host: download.bareos.org
> User-Agent: curl/8.5.0
> Accept: */*
>
{ [5 bytes data]
< HTTP/1.1 200 OK
< Date: Mon, 28 Oct 2024 17:22:11 GMT
< Server: Apache
< Last-Modified: Fri, 11 Oct 2024 14:52:09 GMT
< ETag: "497-62434a1af8ece"
< Accept-Ranges: bytes
< Content-Length: 1175
< Strict-Transport-Security: max-age=31536000; preload
< Content-Security-Policy: child-src 'self' *.bareos.com *.bareos.org 
*.youtube.com
< X-Content-Type-Options: nosniff
<
{ [1175 bytes data]
100  1175  100  1175    0     0   2540      0 --:--:-- --:--:-- --:--:-- 
 2543
* Connection #0 to host download.bareos.org left intact
root@xx-xxxxx:/tmp# *apt update*
Hit:1 http://ubuntu22-mirror.dsc.umich.edu/miserver  InRelease
Hit:2 http://us.archive.ubuntu.com/ubuntu noble InRelease
Get:3 http://us.archive.ubuntu.com/ubuntu noble-updates InRelease [126 kB]
Get:4 http://security.ubuntu.com/ubuntu noble-security InRelease [126 kB]
Get:5 http://us.archive.ubuntu.com/ubuntu noble-backports InRelease [126 kB]
Hit:6 https://repo.zabbix.com/zabbix/6.4/ubuntu noble InRelease
Get:7 http://us.archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages 
[599 kB]
Get:8 http://us.archive.ubuntu.com/ubuntu noble-updates/main amd64 
Components [114 kB]
Get:9 http://us.archive.ubuntu.com/ubuntu noble-updates/restricted amd64 
Components [212 B]
Get:10 http://us.archive.ubuntu.com/ubuntu noble-updates/universe amd64 
Packages [709 kB]
Get:11 http://us.archive.ubuntu.com/ubuntu noble-updates/universe amd64 
Components [305 kB]
Get:12 http://us.archive.ubuntu.com/ubuntu noble-updates/multiverse amd64 
Components [940 B]
Get:13 http://us.archive.ubuntu.com/ubuntu noble-backports/main amd64 
Components [208 B]
Get:14 http://us.archive.ubuntu.com/ubuntu noble-backports/restricted amd64 
Components [212 B]
Get:15 http://us.archive.ubuntu.com/ubuntu noble-backports/universe amd64 
Components [21.1 kB]
Get:16 http://us.archive.ubuntu.com/ubuntu noble-backports/multiverse amd64 
Components [212 B]
Ign:17 https://pkg.duosecurity.com/Ubuntu jammy InRelease
Get:18 https://download.bareos.org/current/xUbuntu_24.04  InRelease [1,896 
B]
Get:19 http://security.ubuntu.com/ubuntu noble-security/main amd64 
Components [7,196 B]
Err:18 https://download.bareos.org/current/xUbuntu_24.04  InRelease
  The following signatures couldn't be verified because the public key is 
not available: NO_PUBKEY 42DA24A6DFEF9127
Get:20 http://security.ubuntu.com/ubuntu noble-security/restricted amd64 
Components [212 B]
Get:21 http://security.ubuntu.com/ubuntu noble-security/universe amd64 
Packages [556 kB]
Hit:22 https://pkg.duosecurity.com/Ubuntu jammy Release
Get:24 http://security.ubuntu.com/ubuntu noble-security/universe amd64 
Components [51.9 kB]
Get:25 http://security.ubuntu.com/ubuntu noble-security/universe amd64 
c-n-f Metadata [13.5 kB]
Get:26 http://security.ubuntu.com/ubuntu noble-security/multiverse amd64 
Components [212 B]
Reading package lists... Done
W: GPG error: https://download.bareos.org/current/xUbuntu_24.04  InRelease: 
The following signatures couldn't be verified because the public key is not 
available: NO_PUBKEY 42DA24A6DFEF9127
E: The repository 'https://download.bareos.org/current/xUbuntu_24.04 
 InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore 
disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration 
details.

On Monday, October 28, 2024 at 6:51:09 AM UTC-4 Bruno Friedmann 
(bruno-at-bareos) wrote:

> Seems you are alone in that case, work well here (maybe you can retry)
>
>  curl -Lv -o /var/tmp/bareos-experimental.gpg 
> https://download.bareos.org/current/xUbuntu_24.04/bareos-keyring.gpg
>   % Total    % Received % Xferd  Average Speed   Time    Time     Time 
>  Current
>                                  Dload  Upload   Total   Spent    Left 
>  Speed
>   0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--   
>   0* Host download.bareos.org:443 was resolved.
> * IPv6: 2a03:4000:15:27f::1
> * IPv4: 185.170.114.121
> *   Trying [2a03:4000:15:27f::1]:443...
> * Connected to download.bareos.org (2a03:4000:15:27f::1) port 443
> * ALPN: curl offers h2,http/1.1
> } [5 bytes data]
> * TLSv1.3 (OUT), TLS handshake, Client hello (1):
> } [512 bytes data]
> *  CAfile: /etc/ssl/certs/ca-certificates.crt
> *  CApath: /etc/ssl/certs
> { [5 bytes data]
> * TLSv1.3 (IN), TLS handshake, Server hello (2):
> { [93 bytes data]
> * TLSv1.2 (IN), TLS handshake, Certificate (11):
> { [2575 bytes data]
> * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
> { [333 bytes data]
> * TLSv1.2 (IN), TLS handshake, Server finished (14):
> { [4 bytes data]
> * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
> } [70 bytes data]
> * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
> } [1 bytes data]
> * TLSv1.2 (OUT), TLS handshake, Finished (20):
> } [16 bytes data]
> * TLSv1.2 (IN), TLS handshake, Finished (20):
> { [16 bytes data]
> * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 / prime256v1 
> / rsaEncryption
> * ALPN: server did not agree on a protocol. Uses default.
> * Server certificate:
> *  subject: CN=download.bareos.org
> *  start date: Sep  3 21:23:43 2024 GMT
> *  expire date: Dec  2 21:23:42 2024 GMT
> *  subjectAltName: host "download.bareos.org" matched cert's "
> download.bareos.org"
> *  issuer: C=US; O=Let's Encrypt; CN=R10
> *  SSL certificate verify ok.
> *   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), 
> signed using sha256WithRSAEncryption
> *   Certificate level 1: Public key type RSA (2048/112 Bits/secBits), 
> signed using sha256WithRSAEncryption
> *   Certificate level 2: Public key type RSA (4096/152 Bits/secBits), 
> signed using sha256WithRSAEncryption
> * using HTTP/1.x
> } [5 bytes data]
> > GET /current/xUbuntu_24.04/bareos-keyring.gpg HTTP/1.1
> > Host: download.bareos.org
> > User-Agent: curl/8.5.0
> > Accept: */*
> >
> { [5 bytes data]
> < HTTP/1.1 200 OK
> < Date: Mon, 28 Oct 2024 10:48:58 GMT
> < Server: Apache
> < Last-Modified: Fri, 11 Oct 2024 14:52:09 GMT
> < ETag: "497-62434a1af8ece"
> < Accept-Ranges: bytes
> < Content-Length: 1175
> < Strict-Transport-Security: max-age=31536000; preload
> < Content-Security-Policy: child-src 'self' *.bareos.com *.bareos.org *.
> youtube.com
> < X-Content-Type-Options: nosniff
> <
> { [1175 bytes data]
> 100  1175  100  1175    0     0  13473      0 --:--:-- --:--:-- --:--:-- 
> 13505
> * Connection #0 to host download.bareos.org left intact
>
> gpg  /var/tmp/bareos-experimental.gpg
> gpg: WARNING: no command supplied.  Trying to guess what you mean ...
> pub   rsa4096 2019-10-28 [SC]
>       82834CF002D89BA55C1ED0AA42DA24A6DFEF9127
> uid           Bareos experimental Signing Key <xxxx>
>
>
> On Saturday 26 October 2024 at 00:09:02 UTC+2 John Lockard wrote:
>
>> I've tried using the add_bareos_repositories script, as well as adding 
>> the .gpg keys, yet when doing 'apt update' I still get:
>>
>> Get:9 https://download.bareos.org/current/xUbuntu_24.04 InRelease [1,896 
>> B]
>> Err:9 https://download.bareos.org/current/xUbuntu_24.04 InRelease
>>   The following signatures couldn't be verified because the public key is 
>> not available: NO_PUBKEY 42DA24A6DFEF9127
>> Reading package lists... Done
>> W: GPG error: https://download.bareos.org/current/xUbuntu_24.04 
>> InRelease: The following signatures couldn't be verified because the public 
>> key is not available: NO_PUBKEY 42DA24A6DFEF9127
>> E: The repository 'https://download.bareos.org/current/xUbuntu_24.04 
>>  InRelease' is not signed.
>> N: Updating from such a repository can't be done securely, and is 
>> therefore disabled by default.
>>
>> I've also tried doing it by hand:
>>
>> wget -O /etc/apt/keyrings/bareos-experimental.gpg 
>> https://download.bareos.org/current/xUbuntu_24.04/bareos-keyring.gpg
>>
>> Same results.
>>
>> Bad keys on the Bareos site???
>>
>> Thanks,
>> -John
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"bareos-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion visit 
https://groups.google.com/d/msgid/bareos-users/455c44db-02d2-41db-8264-93a782c8fdf2n%40googlegroups.com.

[bareos-users] Re: Ubuntu 24.04 - Adding apt repositories fails

Reply via email to