发表新帖
发表新帖

MongoDB GPG - Invalid Signatures

后端 未结
关注
11 1283
半阙折子戏
半阙折子戏 2020-12-04 06:46

I\'m installing MongoDB on an Ubuntu 14.04 machine, using the instructions at: https://docs.mongodb.org/manual/tutorial/install-mongodb-on-ubuntu/

So I run:

相关标签:
11条回答
  • 感情败类
    2020-12-04 07:43

    I also faced this issue when installing MongoDB 3.2 on my ubuntu 16.04 using the below commands. The below solution is provided as the question related to the v3.2 installation of MongoDB

    sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv EA312927
echo "deb http://repo.mongodb.org/apt/ubuntu "$(lsb_release -sc)"/mongodb-org/3.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.2.list
sudo apt-get update

    After running the above update command i found the following warnings 

    W: GPG error: http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.2 Release: The following signatures were invalid: KEYEXPIRED 1507497109
W: The repository 'http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.2 Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

    On further investigating using the below command to list all the keys

    sudo apt-key list

    It shows that the current key is expired on 2017-10-08

    pub   4096R/EA312927 2015-10-09 [expired: 2017-10-08]
uid                  MongoDB 3.2 Release Signing Key <packaging@mongodb.com>

    This also made sense as the MongoDB Current Stable Release is now (3.4.9).

    To fix the issue first we make a small cleanup (optional)

    1. we remove the old key added

      sudo apt-key list // List all keys

      sudo apt-key del EA312927 // Find the uid of the key to be deleted

      apt-key list | grep Mongodb // Verify if its deleted

    2. Now we remove the MongoDB repo added in /etc/apt/sources.list.d

      sudo rm /etc/apt/sources.list.d/mongodb*.list

    3. Now we install the latest stable version of MongoDB(3.4.9) using below commands

    Import the Public Key used by the Ubuntu Package Manager

    apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 0C49F3730359A14518585931BC711F9BA15703C6

    Create a file list for mongoDB to fetch the current repository

    echo "deb [ arch=amd64,arm64 ] http://repo.mongodb.org/apt/ubuntu "$(lsb_release -sc)"/mongodb-org/3.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-3.4.list

    Install MongoDB

    sudo apt-get update
sudo apt-get install mongodb-org
    0 讨论(0)
  • 挽巷
    2020-12-04 07:48

    Update all expired keys from Ubuntu key server in one command:

    sudo apt-key list | \
 grep "expired: " | \
 sed -ne 's|pub .*/\([^ ]*\) .*|\1|gp' | \
 xargs -n1 sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys

    Command explanation:

    1. sudo apt-key list - lists all keys installed in the system;
    2. grep "expired: " - leave only lines with expired keys;
    3. sed -ne 's|pub .*/\([^ ]*\) .*|\1|gp' - extracts keys;
    4. xargs -n1 sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys - updates keys from Ubuntu key server by found expired ones.

    Source

    0 讨论(0)
  • 傲寒
    2020-12-04 07:48

    I had the same problem, and solved it by installing mongodb with tarball method. Refer to the below link for detail.

    https://docs.mongodb.org/manual/tutorial/install-mongodb-on-linux/

    Adding details below

    1. curl -O https://fastdl.mongodb.org/linux/mongodb-linux-i686-3.2.0.tgz
    2. tar -zxvf mongodb-linux-i686-3.2.0.tgz
    3. mkdir -p mongodb && cp -R -n mongodb-linux-i686-3.2.0/ mongodb

    4. export PATH=/bin:$PATH

    5. then run mongod (db path might needs to be set)

    0 讨论(0)
  • 孤独总比滥情好
    2020-12-04 07:51

    Using dlopatin's answer I came up with this for Ubuntu 18.04 since that code doesnt work anymore:

    sudo apt-key list | \
grep -A 1 "\[expired:" | \
sed -ne 's|^\s\{1,10\}\(\w*\)|\1|gp' | \
xargs -d '\n' sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys
    1. List keys sudo apt-key list
    2. Get the expired one and print the next line with the fingerprint grep -A 1 "\[expired:"
    3. Use sed to extract only the lines starting with space ^\s\{1,10\},and select the alphanumeric characters \(\w*\), replace those lines with the selected group which is the fingerprint \1, repeat for all returned lines g,then print the fingerprint p. That gives: sed -ne 's|^\s\{1,10\}\(\w*\)|\1|gp'
    4. Use xargs with delimiter for '\n' otherwise it will break on spaces: xargs -d '\n', then pass the fingerprints as arguments to apt-key to update them: sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys which gives you: xargs -d '\n' sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys

    Hopefully that is clear. Ignore the warning about apt-key output parsing :)

    0 讨论(0)
  • 闹比i
    2020-12-04 07:51

    I experienced the similar problem and got the following error while installing MongoDB 4.2 on Ubuntu 18.04 instance on Google Cloud.

    W: GPG error: http://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.2 Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4B7C549A058F8B6B
E: The repository 'http://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.2 Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details

    The solution that worked from me was running the following command to get the key. I found this on MongoDB official Jira Issue Pages. 

    /usr/bin/curl -sLO https://www.mongodb.org/static/pgp/server-4.2.asc && sudo /usr/bin/apt-key add server-4.2.asc

    I found this solution in MongoDB official Jira issues. Here is the link to the issue.

    0 讨论(0)
 看不清?
提交回复
热议问题