Update PGP key in self hosted apt repository

Croolman

5/5/23, 8:43 AM

We are using the Sonatype Nexus Repository Manager to host apt repositories. The GPG key of one of them has expired recently and needed to be updated. What I thought would be sufficient was to generate new key pairs (as described in the official site docs), paste the new private key through the Nexus UI and new passphrase then apt-key add new public key on client system and all would be good to go. What happens instead is that apt update still says NO_PUBKEY <old_id>. I have no idea whatsoever where does the apt takes the information from now, that it misses the old key and does not "synchronize" the new key. I have also tried to delete contents of /var/lib/apt/lists/ directory before calling the apt update. What am I missing?

EDIT: All is run in clean docker, where only new key is added apt-key add public.gpg.key and new repository to /etc/apt/sources.list, echo "deb <repo_url> bionic main" >> /etc/apt/sources.list

354

0 + 0

gpg

nexus

apt

djdomi

5/5/23, 8:54 AM

show us the apt conf, the source conf where you put the repository, mostly or lets say sometimes the kry has been fixed there

Croolman

5/5/23, 8:57 AM

@djdomi I see what you mean. In the `sources.list` nothing is specified for the repository in `[]`.

Score:1

Server

Croolman

5/6/23, 12:00 PM

I have managed to solve the issue. The nexus apt repository creates two folders. One is called metadata and one is called packages. In metadata folder the files Release, InRelease and Release.gpg are created. These are not automatically regenerated when the key is changed in the UI. To force the regeneration of these files, the folder has to be deleted and a package has to be uploaded. This will trigger the regeneration of the metadata folder with all the appropriate files in it. After this operation, the keys are working.

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Update PGP key in self hosted apt repository

TH: อัปเดตคีย์ PGP ในที่เก็บ apt ที่โฮสต์เอง

RO: Actualizați cheia PGP în depozitul de apt auto-găzduit

RU: Обновите ключ PGP в собственном репозитории apt

VI: Cập nhật khóa PGP trong kho lưu trữ apt tự lưu trữ

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.