如果看到这样的错误:
The following signatures were invalid: EXPKEYSIG 23E7166788B63E1E Yarn Packaging <[email protected]>
或像这样:
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://dl.yarnpkg.com/debian stable InRelease: The following signatures were invalid: EXPKEYSIG 23E7166788B63E1E Yarn Packaging <[email protected]>
W: Failed to fetch https://dl.yarnpkg.com/debian/dists/stable/InRelease The following signatures were invalid: EXPKEYSIG 23E7166788B63E1E Yarn Packaging <[email protected]>
这意味着您仍然具有用于签署Yarn版本的GPG密钥的较旧版本。 该密钥的有效期从2020年延长到2021年。要获取更新的密钥,请运行以下命令:
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
将来可能会自动执行。
重新自动化,发行版通常有一个-keyring
软件包,可以使用较新的密钥进行更新,也许您想研究一下? 例如https://packages.debian.org/buster/debian-archive-keyring
@ dario23是的,这就是我一直想做的事情,但是我还没有解决。 我想我可以在我们的仓库中添加一个yarn-keyring程序包,将其添加为yarn程序包的依赖项(以确保每个人都拥有它),然后在每次更改密钥时都更新该程序包。
sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com
也可以解决许多存在此问题的软件包的问题
谢谢@alexcdot! 该命令依赖于软件包存储库维护者将其公共密钥上传到Ubuntu密钥服务器,但是大多数这样做,因此通常不是问题:)
谢谢! @alexcdot
为什么在_sudo apt-key add -_命令之后什么也没发生? 我已经等了几分钟了。 看起来系统正在等待某些东西...
@Shekelme因为您分割了命令,所以它正在等待输入。 该命令应为curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
非常感谢,现在有所帮助!
应该为debian提供1.22.0吗?
@millette糟糕,很抱歉,当Yarn v1网站移至classic.yarnpkg.com时,自动更新脚本中断了。 我会修复它并部署1.22.0!
@millette现在应该可用: https :
刚刚在我的一台测试机上进行了测试,效果很好:
% sudo apt install yarn
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be upgraded:
yarn
1 upgraded, 0 newly installed, 0 to remove and 323 not upgraded.
Need to get 891 kB of archives.
After this operation, 4,096 B of additional disk space will be used.
Get:1 http://dl.yarnpkg.com/debian stable/main amd64 yarn all 1.22.0-1 [891 kB]
Fetched 891 kB in 0s (2,328 kB/s)
Reading changelogs... Done
(Reading database ... 261276 files and directories currently installed.)
Preparing to unpack .../archives/yarn_1.22.0-1_all.deb ...
Unpacking yarn (1.22.0-1) over (1.21.1-1) ...
Setting up yarn (1.22.0-1) ...
15:19 daniel<strong i="9">@vps03</strong> /home/daniel
% yarn --version
1.22.0
我也是,谢谢@ Daniel15
我在Windows 10下的Ubuntu下遇到相同的问题
Linux AVPHR-3HD87Y2-L 4.4.0-17134-Microsoft#1130-Microsoft Thu Nov 07 15:21:00 PST 2019 x86_64 x86_64 x86_64 GNU / Linux。
谢谢@ Daniel15
建议您解决方案。
更新就好了:curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt键添加-
由于此问题已经开放了足够长的时间,因此请关闭该问题。
sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com
也可以解决许多存在此问题的软件包的问题
如果@alexcdot的建议修复超时,请尝试通过端口80强制
sudo apt-key adv --refresh-keys --keyserver hkp://keyserver.ubuntu.com:80
sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com
也可以解决许多存在此问题的软件包的问题
该命令在AWS EC2 Ubuntu 18.04中非常有效
ubuntu<strong i="9">@demo</strong>:~$ sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com
Executing: /tmp/apt-key-gpghome.yhsIc98R5A/gpg.1.sh --refresh-keys --keyserver keyserver.ubuntu.com
gpg: refreshing 6 keys from hkp://keyserver.ubuntu.com
gpg: key 871920D1991BC93C: 1 signature not checked due to a missing key
gpg: key 871920D1991BC93C: "Ubuntu Archive Automatic Signing Key (2018) <[email protected]>" not changed
gpg: key D94AA3F0EFE21092: 2 duplicate signatures removed
gpg: key D94AA3F0EFE21092: 62 signatures not checked due to missing keys
gpg: key D94AA3F0EFE21092: "Ubuntu CD Image Automatic Signing Key (2012) <[email protected]>" 59 new signatures
gpg: key 3B4FE6ACC0B21F32: 21 signatures not checked due to missing keys
gpg: key 3B4FE6ACC0B21F32: "Ubuntu Archive Automatic Signing Key (2012) <[email protected]>" 18 new signatures
gpg: key 4F4EA0AAE5267A6C: "Launchpad PPA for Ondřej Surý" not changed
gpg: key 4F4EA0AAE5267A6C: "Launchpad PPA for Ondřej Surý" not changed
gpg: key 1646B01B86E50310: 3 signatures not checked due to missing keys
gpg: key 1646B01B86E50310: "Yarn Packaging <[email protected]>" 5 new signatures
gpg: Total number processed: 6
gpg: unchanged: 3
gpg: new signatures: 82
Executing: /tmp/apt-key-gpghome.N4svD19CdM/gpg.1.sh --refresh-keys --keyserver keyserver.ubuntu.com:80
gpg: refreshing 11 keys from keyserver.ubuntu.com:80
gpg: keyserver refresh failed: No keyserver available
@joesixpack您可能与Ubuntu密钥服务器有连接问题,或者它已关闭(例如,出于维护目的)。 您可以尝试使用其他密钥服务器。
由于确切的错误消息而来到这里。 使用Raspbian。 几分钟前刚刚尝试了@ Daniel15的建议,得到了以下内容(带有和不带有sudo
):
:~ $ curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
gpg: no valid OpenPGP data found.
有什么建议?
@luisfrocha确保已安装ca-certificates
软件包,否则所有SSL / TLS连接都将失败。
@ Daniel15
:~ $ sudo apt install ca-certificates
Reading package lists... Done
Building dependency tree
Reading state information... Done
ca-certificates is already the newest version (20190110).
0 upgraded, 0 newly installed, 0 to remove and 60 not upgraded.
好吧,我不想,但毕竟我必须。 我执行了curl命令,并添加了-k
标志,效果很好。
sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com
也可以解决许多存在此问题的软件包的问题
这个为我工作。 谢谢 :)
sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com
也可以解决许多存在此问题的软件包的问题
谢谢
我正在尝试安装yarn并遇到主要问题。
curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
给了我以下输出:
gpg: invalid key resource URL '/tmp/apt-key-gpghome.gq2UKui5Xm/home:manuelschneid3r.asc.gpg'
gpg: keyblock resource '(null)': General error
gpg: key 76F1A20FF987672F: 1 signature not checked due to a missing key
gpg: key 1488EB46E192A257: 1 signature not checked due to a missing key
gpg: key 1488EB46E192A257: 1 signature not checked due to a missing key
gpg: key 3B4FE6ACC0B21F32: 3 signatures not checked due to missing keys
gpg: key D94AA3F0EFE21092: 3 signatures not checked due to missing keys
gpg: key 871920D1991BC93C: 1 signature not checked due to a missing key
gpg: Total number processed: 17
gpg: skipped new keys: 17
以下sudo apt update && sudo apt install yarn
输出
W: GPG error: https://dl.yarnpkg.com/debian stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 23E7166788B63E1E
E: The repository 'https://dl.yarnpkg.com/debian stable InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
我也已经尝试过sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com
,但是我遇到了类似的错误:
gpg: invalid key resource URL '/tmp/apt-key-gpghome.FtkPocMoE3/home:manuelschneid3r.asc.gpg'
gpg: keyblock resource '(null)': General error
gpg: key 76F1A20FF987672F: 1 signature not checked due to a missing key
gpg: key 1488EB46E192A257: 1 signature not checked due to a missing key
gpg: key 1488EB46E192A257: 1 signature not checked due to a missing key
gpg: key 3B4FE6ACC0B21F32: 3 signatures not checked due to missing keys
gpg: key D94AA3F0EFE21092: 3 signatures not checked due to missing keys
gpg: key 871920D1991BC93C: 1 signature not checked due to a missing key
gpg: Total number processed: 16
gpg: skipped new keys: 16
我非常感谢任何想法可能出什么问题,我在软件包管理器方面没有太多经验,并且上述建议似乎没有帮助。
更新:
抱歉,关键错误似乎来自另一个程序包而不是纱线。 现在安装就好了!
@LukasSchaefer我认为该错误中的任何GPG密钥都不是Yarn GPG密钥。 您可能需要弄清楚这些键的用途并进行修复。
您从sudo apt update
获得的完整输出是多少?
@ Daniel15感谢您的提示。 我完全错过了钥匙错误来自另一个程序包的问题。 纠正此错误后,按照上述命令安装好纱线。
抱歉!
sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com
也可以解决许多存在此问题的软件包的问题
对我有用。 谢谢!
我也已经解决了,只是花了我一些时间去检查解决方案。 谢谢!
最有用的评论
sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com
也可以解决许多存在此问题的软件包的问题