Fix missing GPG key Apt repository error (NO_PUBKEY)

While running, you may see missing public GPG key error (“NO_PUBKEY”) on Debian, Ubuntu or Linux Mint apt update / apt-get update. This can happen when adding a repository, and you forget to add its public key, or a temporary key server error may occur when trying to import a GPG key.

Runtime apt update / apt-get update, Or try to refresh the software source with some GUI tools, apt will complain that it cannot download all the repository indexes with the following error:

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ppa.launchpad.net/linuxuprising/apps/ubuntu bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY EA8CACC073C3DB2A

W: Failed to fetch http://ppa.launchpad.net/linuxuprising/apps/ubuntu/dists/bionic/InRelease  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY EA8CACC073C3DB2A

W: Some index files failed to download. They have been ignored, or old ones used instead.

This is just an example. This error can happen not only in the Launchpad PPA repository, but also in any repository, such as those provided by Google, Vivaldi or Node.js.
The error message indicates that the repository was not updated and the previous index file will be used. This means that you will not receive updates from that repository, so you should import a public GPG key to resolve this issue. This is an easy way to solve this problem The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ... error. It should work on Debian, Ubuntu, Linux Mint, Pop! _OS, base OS, and any other Debian or Ubuntu based Linux distribution. Solution 1: Quick NO_PUBKEY repairs a single repository / key.
If only one public GPG repository key is missing, it is available on Ubuntu / Linux Mint / Pop! Run this command on _OS / Debian system to fix it:

sudo apt-key adv --keyserver hkp://pool.sks-keyservers.net:80 --recv-keys THE_MISSING_KEY_HERE

You have to replace THE_MISSING_KEY_HERE Missing GPG key. The key is shown in the apt update / apt-get update log, after NO_PUBKEY. For example, in the error message I posted above, the missing GPG key that must be used in this command is EA8CACC073C3DB2A.
See also: How to resolve “Unable to acquire lock / var / lib / dpkg / lock-open (11 resources are temporarily unavailable)” error Solution 2: Batch import all missing GPG keys.
If multiple public OpenPGP keys are missing, you can use this single line to import all keys at once:

sudo apt update 2>&1 1>/dev/null | sed -ne 's/.*NO_PUBKEY //p' | while read key; do if ! [[ ${keys[*]} =~ "$key" ]]; then sudo apt-key adv --keyserver hkp://pool.sks-keyservers.net:80 --recv-keys "$key"; keys+=("$key"); fi; done

There is no need to change any part of the command, just run as it is. This can also be used to repair a single lost GPG key, but this is a bit redundant. However, it can be used with any number of lost GPG keys.
The command runs sudo apt update Update the software source and detect the missing GPG keys and import each missing key using the following command hkp://pool.sks-keyservers.net:80 As its server. This server is continuously synchronized with many other servers, so it should have updated keys. If you like, you can use another server.
The command also uses an array to store the missing GPG keys for which we have imported the keys. Otherwise, the key import command will be run twice for each lost key.
You might also be interested in: how to make a PGP key on Linux using a GUI (and publish it)

Source

Sidebar