Ubuntu 20.04 制作离线安装源流程及配置

原创已于 2025-09-29 14:09:56 修改 · 339 阅读

6 ·

CC 4.0 BY-SA版权

文章标签：

#ubuntu #运维 #linux

于 2025-09-29 13:56:40 首次发布

运维相关专栏收录该内容

1 篇文章

订阅专栏

1. 环境准备

准备一台可以联网的ubuntu20.04版本操作系统的机器，在此机器上进行离线源的制作。

2. 离线安装源制作步骤

2.1 安装png加密软件

apt-get install gnupg -y

2.2 生成gpg密钥

使用以下命令生成gpg密钥

gpg --gen-key

#gpg --gen-key

#测试记录：
root@why:/home/why# gpg --gen-key
gpg (GnuPG) 2.2.19; Copyright (C) 2019 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: directory '/root/.gnupg' created
gpg: keybox '/root/.gnupg/pubring.kbx' created
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: ubuntu20.04.5.pub（-gpg文件名-）
Email address: email@126.com（-邮箱-）
You selected this USER-ID:
    "ubuntu20.04.5.pub <email@126.com>"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? o（-选择OK-）
+++ 添加秘钥保护密码 +++
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 5D7F36B1E7D11D7C marked as ultimately trusted
gpg: directory '/root/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/root/.gnupg/openpgp-revocs.d/9075A1B0CD4F752507E7B28E5D7F36B1E7D11D7C.rev'
public and secret key created and signed.

pub   rsa3072 2023-02-01 [SC] [expires: 2025-01-31]
      9075A1B0CD4F752507E7B28E5D7F36B1E7D11D7C
uid                      ubuntu20.04.5.pub <email@126.com>
sub   rsa3072 2023-02-01 [E] [expires: 2025-01-31]

2.3 查看已有密钥

使用以下命令查看已有密钥：

gpg --list-keys

gpg --list-keys
gpg -k

#测试记录
root@why:/home/why# gpg --list-keys
gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2025-01-31
/root/.gnupg/pubring.kbx
------------------------
pub   rsa3072 2023-02-01 [SC] [expires: 2025-01-31]
      9075A1B0CD4F752507E7B28E5D7F36B1E7D11D7C
uid           [ultimate] ubuntu20.04.5.pub <email@126.com>
sub   rsa3072 2023-02-01 [E] [expires: 2025-01-31]

#root@why:/home/why# gpg -k

2.4 导出密钥

导出密钥命令：

gpg --armor --out public-key.pub --export <key-name>

#测试记录：
root@why:/home/why# gpg --armor --out ubuntu20.04.5.pub --export ubuntu20.04.5.pub
root@why:/home/why# ls
ubuntu20.04.5.pub

2.5 下载需要的软件

使用ubuntu下载软件命令apt下载需要的软件，ubuntu系统默认下载文件存放目录：/var/cache/apt/archives/

apt-get -d install <包名>

2.6 离线安装源打包

创建存放软件包的目录/var/debs，拷贝下载好的文件到创建好的目录中

mkdir /var/debs
cp -r /var/cache/apt/archives/*.deb /var/debs

按以下步骤在/var/debs目录下创建 Packages.gz 文件

## 注意：生成的路径带debs，否则内网安装时会说找不到文件
cd /var
apt-ftparchive packages debs > debs/Packages
cd debs
gzip -c Packages > Packages.gz

在/var/debs目录下创建release file

apt-ftparchive release ./ > Release
gpg --clearsign -o InRelease Release
gpg -abs -o Release.gpg Release

打包生成的debs目录及公钥文件

cd /var
tar -cf deb.tar deb
cd /
mkdir /ubuntu20.04.5_package
cp /var/deb.tar /ubuntu20.04.5_package
cp /home/why/ubuntu20.04.5.pub /ubuntu20.04.5_package
tar -zcf ubuntu20.04.5_package.tar.gz /ubuntu20.04.5_package

3. 离线环境测试离线源

## 将打包好的离线源和公钥文件拷贝至无法连接互联网的机器中，按以下步骤进行操作
#1、解压ubuntu20.04.5_packge压缩包
tar -zxf ubuntu20.04.5_package.tar.gz
#2、将debs.tar 解压到/var 下
tar -xf debs.tar -C /var
#3、取消掉原有的uname.pub 
apt-key remove uname.pub
#4、加载新的uname.pub
apt-key add ubuntu20.04.5.pub
#5、备份原来的/etc/soruce.list  文件
cp /etc/apt/sources.list /etc/apt/sources.list.back
#6、修改source.list文件，添加 
deb file:/var debs/
#7、更新源
apt-get update
8、安装软件时若存在依赖问题，使用命令
apt-get install -f