Skip to content

The following signatures were invalid

My systems run cron-apt with an hourly rhythm, running off ftp2.de.d.o. Once in a while, some of them complain about invalid signatures on release files:

CRON-APT LINE: /usr/bin/apt-get update -o quiet=2
W: GPG error: http://debian.debian.zugschlus.de lenny Release: The following signatures were invalid: BADSIG A70DAF536070D3A1 Debian Archive Automatic Signing Key (4.0/etch) 
W: GPG error: http://debian.debian.zugschlus.de sid Release: The following signatures were invalid: BADSIG A70DAF536070D3A1 Debian Archive Automatic Signing Key (4.0/etch) 
W: You may want to run apt-get update to correct these problems
This usually happens in the late evening CEST. In the next cron-apt run, things are fine again. What's going on here? Is this part of a mirror update process where the Release and Release.gpg files are inconsistent?

Any idea how to get rid of these error messages?

Trackbacks

No Trackbacks

Comments

Display comments as Linear | Threaded

Sven Joachim on :

The mirror is crappy, see http://bugs.debian.org/419360. You should use a different one.

Marc 'Zugschlus' Haber on :

Thanks for the hint. Florian has now enabled anonftpsync from the bug report, let's see whether this helps.

Add Comment

Markdown format allowed
Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.
Form options