Alexander Reichle-Schmehl

No! Please at first make sure you have the recent version of debian-archive-keyring installed (some addittional repositories have similar packages).

And before adding random keys by hand, please make sure, that the fingerprint of the key you received matches the one the distributor hopefully has shown to you in a secure manor. You can see the fingerprint of a key with “gpg –fingerprint XYZ123″

Also please don’t run “apt-key add /root/.gnupg/pubring.gpg” since this will not only add the key you just downloaded, but every other key available in that specific keyring, too.

Better use “gpg –armor –export XYZ123 | apt-key add -” which will only add the one single key to the trusted keys of apt.

Best regards,

05/29/09 @ 10:20
Comment from: Hans [Visitor]

Would “apt-get install debian-archive-keyring” not do the trick?

05/29/09 @ 12:58
Comment from: admin [Member]  

apt-get install debian-archive-keyring was telling me I was installing from an untrusted source.

05/29/09 @ 13:15
Comment from: admin [Member]  

Here’s what I do now:

gpg –keyserver wwwkeys.eu.pgp.net –recv 9AA38DCD55BE302B

gpg –export –armor 9AA38DCD55BE302B | apt-key add -

09/01/09 @ 20:23
Comment from: Neomilium [Visitor]

You can also use:
apt-key adv –keyserver hkp://subkeys.pgp.net –recv-keys 9AA38DCD55BE302B

05/20/10 @ 10:26