Signatures not verified

Question

These are the signature errors that persist after I tried several fixes mentioned on the Internet

W: GPG error: http://deb.opera.com stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 517590D9A8492E35
W: GPG error: http://archive.canonical.com trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: http://extras.ubuntu.com trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 16126D3A3E5C1192
W: GPG error: http://linux.dropbox.com trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY FC918B335044912E
W: GPG error: http://dl.google.com stable Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A040830F7FAC5991
W: GPG error: http://dl.google.com stable Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A040830F7FAC5991
W: GPG error: http://archive.ubuntu.com trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: https://private-ppa.launchpad.net raring Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E131728675254D99
W: GPG error: http://archive.ubuntu.com trusty-updates Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: http://archive.ubuntu.com trusty-backports Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: https://private-ppa.launchpad.net trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E131728675254D99
W: GPG error: http://archive.ubuntu.com trusty-security Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
W: GPG error: http://ppa.launchpad.net trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0CC3AFF5CEDF0F40
W: GPG error: http://ppa.launchpad.net trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 32B18A1260D8DA0B

I have been beating around the bush for solutions but nothing has worked yet please suggest something that would solve these errors.

What I've already tried:

y-ppa-manager
manually removing list and regenerating it.

So please don't mark duplicate for these methods and suggest something else.

are you using sudo? sudo apt-get install instead of apt-get install ? — user3548683, Dec 28 '14 at 10:10

score 14 · Answer 1 · edited Apr 13 '17 at 12:24

Something's gone wrong with your apt keys or adding/changing repos or something... I don't know what

What did you do that caused these errors, and what fixes have you tried?

But here are some band-aid solutions for your symptoms:

To just add the missing keys, this command should work (replace the "2EA8..." string with your acutal missing keys)

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 2EA8F35793D8809A

May try --keyserver keys.gnupg.net if any aren't on ubuntu
[see https://askubuntu.com/a/141088/129271 ]

It looked kind of like you didn't add some PPA's correctly, according to Ubuntu's instructions it should "fetch the PPA's key" by itself. Here's the terminal directions from https://help.ubuntu.com/community/Repositories/Ubuntu

Step 2: Open a terminal and enter:

$ sudo add-apt-repository ppa:user/ppa-name

Replace 'ppa:user/ppa-name' with the PPA's location that you noted above.

Your system will now fetch the PPA's key. This enables your Ubuntu system to verify that the packages in the PPA have not been interfered with since they were built.

In case there's a problem with your software sources, this should restore them to their "defaults". I'd make a backup copy of everything in /ect/apt/sources.list and /ect/apt/sources.list.d/ first, just in case. Not knowing what your Ubuntu version is I'm not sure what the "defaults" should be, or whether you've added extra PPA's or other sources. Running lsb_release -a should tell you about your version & "codename"

Backup the sources.list files

Just copy them to a backup folder somewhere, this should work:

sudo mv /etc/apt/sources.list /etc/apt/sources.list.old
sudo mv /etc/apt/sources.list.d /etc/apt/sources.list.d.old

Restoring the default Ubuntu `sources.list`

For Ubuntu, if you do this it should generate a new fresh sources.list file
1. delete the old files (sudo rm /etc/apt/sources.list and sudo rm -R /etc/apt/sources.list.d but BACKUP FIRST).
2. Then do either of:
  - Run the Software Sources (sudo software-properties-gtk or sudo software-sources) select/check-mark some repos, pick a server and update.
  - Generate a new one at http://repogen.simplylinux.ch/ using your version & country (to pick local mirrors), then copy & paste it into your new sources.list with gksudo gedit /etc/apt/sources.list or in a terminal sudo nano /etc/apt/sources.list

The site http://repogen.simplylinux.ch/ has a LOT of optional PPA's too, looks quite useful. [courtesy How do I restore the default repositories? ]

even if that is correct what about the ppas that come with ubuntu pre-installed I have not added them nor disturbed them, how come they are not verifiable — akxer, Dec 28 '14 at 12:13
I have tried y-ppa-manager and also removing the entire list and generating it again by apt-get update — akxer, Dec 28 '14 at 12:15
PPA's are different from the regular/default repositories. apt-get update only gets the available packages, doesn't change the repos. I'll update with some directions that should restore your default repos — Xen2050, Dec 28 '14 at 12:39
@akabhirav Did adding the keys work? Checked a couple and they're on both servers mentioned. Or any of the other ideas? — Xen2050, Dec 28 '14 at 13:39

score 5 · Accepted Answer · answered Dec 29 '14 at 05:13

5

After coming to know that apt can't handle more than 40 keys I started deleting ppa's and their keys from /etc/apt/trusted.gpg.d

After doing that I updated apt-cache and my problems were solved.

answered Dec 29 '14 at 05:13

akxer

2,036

1

Cleaning the directory indeed fixed this for me, what a strange limitation. – Jan Tojnar Oct 24 '15 at 23:04
Strange indeed, don't know why – akxer Oct 25 '15 at 16:09
How did you update apt-cache? – IgorGanapolsky Feb 09 '17 at 17:27
I have forgotten how I did it then, but you can try cleaning the cache sudo apt-get clean and updating it sudo apt-get update – akxer Feb 13 '17 at 10:30

Signatures not verified

2 Answers2

Backup the sources.list files

Restoring the default Ubuntu sources.list

Restoring the default Ubuntu `sources.list`