Seems that download.openvz.org/debian keys are obsolete for current APT tools versions:
$ sudo apt-get update Ign:1 http://debian.grn.cat/debian stretch InRelease Ign:2 http://repos.actiu.net/libre stretch InRelease Hit:3 http://security.debian.org/debian-security stretch/updates InRelease Hit:4 http://debian.grn.cat/debian stretch-updates InRelease Hit:5 http://repos.actiu.net/libre stretch Release Hit:6 http://debian.grn.cat/debian stretch-backports InRelease Ign:7 http://download.openvz.org/debian wheezy InRelease Hit:8 http://debian.grn.cat/debian stretch Release Hit:10 http://download.openvz.org/debian wheezy Release Get:12 http://download.openvz.org/debian wheezy Release.gpg [198 B] Ign:12 http://download.openvz.org/debian wheezy Release.gpg Fetched 198 B in 1s (180 B/s) Reading package lists... Done W: GPG error: http://download.openvz.org/debian wheezy Release: The following signatures were invalid: DA2458173935F9DE9B76BA7547B5DBAB0FCA9BAC W: The repository 'http://download.openvz.org/debian wheezy Release' is not signed. N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use. N: See apt-secure(8) manpage for repository creation and user configuration details. $ sudo nano /etc/apt/sources.list.d/openvz.list $ sudo apt-get update Ign:1 http://repos.actiu.net/libre stretch InRelease Ign:2 http://debian.grn.cat/debian stretch InRelease Hit:3 http://repos.actiu.net/libre stretch Release Hit:4 http://debian.grn.cat/debian stretch-updates InRelease Hit:5 http://security.debian.org/debian-security stretch/updates InRelease Hit:7 http://debian.grn.cat/debian stretch-backports InRelease Ign:8 http://download.openvz.org/debian jessie InRelease Hit:9 http://debian.grn.cat/debian stretch Release Get:11 http://download.openvz.org/debian jessie Release [13.4 kB] Get:12 http://download.openvz.org/debian jessie Release.gpg [198 B] Ign:12 http://download.openvz.org/debian jessie Release.gpg Get:13 http://download.openvz.org/debian jessie/main amd64 Packages [1883 B] Get:14 http://download.openvz.org/debian jessie/main amd64 Contents (deb) [1264 B] Fetched 16.7 kB in 1s (9721 B/s) Reading package lists... Done W: GPG error: http://download.openvz.org/debian jessie Release: The following signatures were invalid: DA2458173935F9DE9B76BA7547B5DBAB0FCA9BAC W: The repository 'http://download.openvz.org/debian jessie Release' is not signed. N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use. N: See apt-secure(8) manpage for repository creation and user configuration details. Tried using https://download.openvz.org/debian/archive.key with apt-key and saving https://download.openvz.org/debian/dists/jessie/Release.gpg to /usr/share/keyrings _______________________________________________ Users mailing list Users@openvz.org https://lists.openvz.org/mailman/listinfo/users