GPG Errors While Updating Kali Linux
I often run into the same GPG errors while updating Kali Linux’s apt-get repositories. The fix is simple enough but I seem to always end up Googling for longer than necessary so I wanted to place the working steps in a single place where I could have them when I undoubtably run into this issue again in the future.
Error Running apt-get update
root@kali-pentest:~# apt update Get:1 http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease [30.5 kB] Err:1 http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository
Fetched 30.5 kB in 1s (25.4 kB/s) Reading package lists... Done Building dependency tree Reading state information... Done 167 packages can be upgraded. Run 'apt list --upgradable' to see them. W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://mirrors.ocf.berkeley.edu/kali kali-rolling InRelease: The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository W: Failed to fetch http://http.kali.org/kali/dists/kali-rolling/InRelease The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository W: Some index files failed to download. They have been ignored, or old ones used instead.
The problem here which is clearly stated in the error message is that the GPG key 7D8D0BF6 is invalid. This issue can be easily resolved. Simply add the invalid signature to your GPG key store.
root@kali-pentest:/etc/apt# apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6 Executing: /tmp/apt-key-gpghome.nI36lXg6L5/gpg.1.sh --keyserver hkp://keys.gnupg.net --recv-keys 7D8D0BF6 gpg: key ED444FF07D8D0BF6: "Kali Linux Repository
" 140 new signatures gpg: Total number processed: 1 gpg: new signatures: 140
Kali Linux Proper Sources.list
Occasionally after resolving the GPG errors I’ll then run into 404 errors while trying to run apt update. This bare bones sources.list file should get the job done every time you’re updating Kali Linux without errors.
# deb cdrom:[Debian GNU/Linux 2017.1 _Kali-rolling_ - Official Snapshot amd64 LIVE/INSTALL Binary 20170416-02:08]/ kali-rolling contrib main non-free #deb cdrom:[Debian GNU/Linux 2017.1 _Kali-rolling_ - Official Snapshot amd64 LIVE/INSTALL Binary 20170416-02:08]/ kali-rolling contrib main non-free deb http://http.kali.org/kali kali-rolling main non-free contrib # deb-src http://http.kali.org/kali kali-rolling main non-free contrib
Share this article
- Attacking Palo Alto Networks PAN-OS ‘readSessionVarsFromFile()’
- GPG Errors While Updating Kali Linux
- Installing Kali NetHunter on HTC Nexus 9
- Recovering Passwords From Hibernated Windows Machines
- How To Install Metasploit Framework Ubuntu 17.10
- Forensics and Incident Response
- Information Gathering
- Penetration Testing Tutorials
- Web Applications
Web Application Hacking