How to fix GPG error NO_PUBKEY in Ubuntu

I have a VPS for testing/developing, when I try Ubuntu 14.04 template for openvz, I got GPG error NO_PUBKEY when I run apt-get update or install whatever package. I guess because the Ubuntu 14.04 openvz template the provider use is missing public key for Ubuntu 14.04 trusty’s repository. I tried y-ppa-manager program to import all missing GPG keys but no luck.

I found a way to solve GPG error NO_PUBKEY error, all we need to do is to download the missing key using the hexadecimal numbers given in the error with apt-key (APT key management utility) command. In my case the hexadecimal number is 40976EAF437D05B5 and 3B4FE6ACC0B21F32. After running apt-key to download the missing PUBKEY, packages from that repositories will be considered trusted and you won’t NO_PUBKEY again.

So let’s do it (your missing PUBKEY may be different so use the hexadecimal number given from your error)

and the output

and the output

Now run apt-get update again or install any package, you should not see any error asking for missing PUBKEY.

Comments

  1. jason says

    This does not work for me, it stated key unchanged, and then after update it is still missing. what am i missing

  2. says

    Hello, I have the same Problem, I did like that but didn’t work for me, this is output of update. any ideas. Thanks

    W: GPG error: http://archive.canonical.com trusty Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
    W: GPG error: http://dl.google.com stable Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY A040830F7FAC5991
    W: GPG error: http://dl.maxthon.com stable Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 3189CF97F8D030EC
    W: GPG error: http://download.virtualbox.org trusty InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 54422A4B98AB5139
    W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://extras.ubuntu.com trusty Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 16126D3A3E5C1192

    W: GPG error: http://archive.ubuntu.com trusty Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
    W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://archive.ubuntu.com trusty-updates Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

    W: GPG error: http://archive.ubuntu.com trusty-backports Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32
    W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://archive.ubuntu.com trusty-security Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5 NO_PUBKEY 3B4FE6ACC0B21F32

    W: Failed to fetch http://extras.ubuntu.com/ubuntu/dists/trusty/Release

    W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-updates/Release

    W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-security/Release

    W: Some index files failed to download. They have been ignored, or old ones used instead.

    • namhuy says

      can you copy/paste the content of this file for me?

      BTW did you run these commands on your computer?

  3. says

    Yes I ran this command, but failed still the same problem, hereis content of Sources.list

    # deb cdrom:[Ubuntu 14.04 LTS _Trusty Tahr_ – Release amd64 (20140417)]/ trusty main restricted

    # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
    # newer versions of the distribution.
    deb http://archive.ubuntu.com/ubuntu trusty main restricted
    deb-src http://archive.ubuntu.com/ubuntu trusty main restricted

    ## Major bug fix updates produced after the final release of the
    ## distribution.
    deb http://archive.ubuntu.com/ubuntu trusty-updates main restricted
    deb-src http://archive.ubuntu.com/ubuntu trusty-updates main restricted

    ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
    ## team. Also, please note that software in universe WILL NOT receive any
    ## review or updates from the Ubuntu security team.
    deb http://archive.ubuntu.com/ubuntu trusty universe
    deb-src http://archive.ubuntu.com/ubuntu trusty universe
    deb http://archive.ubuntu.com/ubuntu trusty-updates universe
    deb-src http://archive.ubuntu.com/ubuntu trusty-updates universe

    ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
    ## team, and may not be under a free licence. Please satisfy yourself as to
    ## your rights to use the software. Also, please note that software in
    ## multiverse WILL NOT receive any review or updates from the Ubuntu
    ## security team.
    deb http://archive.ubuntu.com/ubuntu trusty multiverse
    deb-src http://archive.ubuntu.com/ubuntu trusty multiverse
    deb http://archive.ubuntu.com/ubuntu trusty-updates multiverse
    deb-src http://archive.ubuntu.com/ubuntu trusty-updates multiverse

    ## N.B. software from this repository may not have been tested as
    ## extensively as that contained in the main release, although it includes
    ## newer versions of some applications which may provide useful features.
    ## Also, please note that software in backports WILL NOT receive any review
    ## or updates from the Ubuntu security team.
    deb http://archive.ubuntu.com/ubuntu trusty-backports main restricted universe multiverse
    deb-src http://archive.ubuntu.com/ubuntu trusty-backports main restricted universe multiverse

    deb http://archive.ubuntu.com/ubuntu trusty-security main restricted
    deb-src http://archive.ubuntu.com/ubuntu trusty-security main restricted
    deb http://archive.ubuntu.com/ubuntu trusty-security universe
    deb-src http://archive.ubuntu.com/ubuntu trusty-security universe
    deb http://archive.ubuntu.com/ubuntu trusty-security multiverse
    deb-src http://archive.ubuntu.com/ubuntu trusty-security multiverse

    ## Uncomment the following two lines to add software from Canonical’s
    ## ‘partner’ repository.
    ## This software is not part of Ubuntu, but is offered by Canonical and the
    ## respective vendors as a service to Ubuntu users.
    deb http://archive.canonical.com/ubuntu trusty partner
    deb-src http://archive.canonical.com/ubuntu trusty partner

    ## This software is not part of Ubuntu, but is offered by third-party
    ## developers who want to ship their latest software.
    deb http://extras.ubuntu.com/ubuntu trusty main
    deb-src http://extras.ubuntu.com/ubuntu trusty main
    deb http://packages.linuxmint.com/ qiana main upstream import

    • namhuy says

      try to force keyserver.ubuntu.com default port 11371 to 80, from

      to

      After you run apt-key command, did it say keys are imported or what it say?

        • namhuy says

          Just add :80 after keyserver.ubuntu.com

          • says

            gpg: requesting key C0B21F32 from keyserver.ubuntu.com:80
            gpgkeys: no keyserver host provided
            gpg: keyserver internal error
            gpg: keyserver receive failed: keyserver error

          • namhuy says

            humm I guess it needs full URL, sorry for the problem.

          • says

            this command is ok, proceesed 1 , unchanged 1, but still same problem exst, thanks bro, I will google it may find an other solution, thanks alot

          • namhuy says

            Please let me know how you solve the problem, I would appreciate if I can add your solution to my post.

          • namhuy says

            Which blocked keys? and where are those keys? In my case all I need to do was to run apt-key command.

  4. says

    Hello bro, I did sudo apt-get update then upgrade, I got message like this gpg: keyblock resource ‘/etc/apt/trusted.gpg.d//webupd8team-y-ppa-manager.gpg’: resource limit
    I found three blocked keys
    Then I go to path /etc/apt/trusted.gpg.d and deleted mentioned keys above
    Then make update again, it gave me missing gpg keys
    used normal apt-key to add missing keys like here, and imported missing ones.
    now it works okey, the problem was blocked ones , once I deleted it worked ok

    • namhuy says

      But the key is for webupd8team PPA isn’t it? Mean while you have quite some missing GPG errors for Ubuntu repo which does not seem to be related with webupd8team. In my laptop and some of the VPS I have, I do get missing keys errors sometimes without having any third party PPA.

      For example, my laptop I use xubuntu, /etc/apt/trusted.gpg.d/ is empty, I did get missing keys, but apt-key works, so I guess you have old keys ? but why you get missing key errors.

      BTW, thanks for the tip :)

      • says

        I have man key in /etc/apt/trusted.gpg.d/ , and this is fresh installed Ubuntu 14.04, that’s what happened for me :D I don’t know why or how :D, Thanks for help bro

  5. hacknix says

    That’s what I get:

    gpg: keyblock resource /etc/apt/trusted.gpg.d/webupd8team-popcorntime.gpg': resource limit
    gpg: keyblock resource
    /etc/apt/trusted.gpg.d/webupd8team-themes.gpg': resource limit
    gpg: keyblock resource `/etc/apt/trusted.gpg.d/xorg-edgers-ppa.gpg': resource limit
    gpg: requesting key 437D05B5 from hkp server keyserver.ubuntu.com
    gpg: key 437D05B5: “Ubuntu Archive Automatic Signing Key ” not changed
    gpg: Total number processed: 1
    gpg: unchanged: 1

    • namhuy says

      what do you have in /etc/apt/ and /etc/apt/trusted.gpg.d/ You may have reached GnuPG’s limit or resource limit since you have many keys. Delete the keys that you don’t recognize or from uninstalled repo. To delete a key, you can use

  6. emilbebr says

    I encountered the same problem. I solved this by

    1) moving all the ppas from the folder /etc/apt/sources.list.d to the file /etc/apt/sources.list. I did this with the command:

    pr -F *files > newfilepr -F *files > newfile

    which combines all the sources.list files into one file. Some adaptation is needed.

    2) removing *all* the files in /etc/apt/trustedgpg.d

    then, I could add new keys to the keychain by issuing the “sudo apt-key adv –keyserver keyserver.ubuntu.com –recv-keys **KEY_HERE**” command you talked about. Before that, it didn’t import the key. Hope this is helpfull to someone, it was a completely random move on my part, had no idea if it would work or not. It did :D

Leave a Reply