about ubuntu apt keyring

在升级12.04ubuntu的时候无意中发现:

gpg: key 437D05B5: "Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>" not changed
gpg: key FBB75451: "Ubuntu CD Image Automatic Signing Key <cdimage@ubuntu.com>" not changed
gpg: key C0B21F32: public key "Ubuntu Archive Automatic Signing Key (2012) <ftpmaster@ubuntu.com>" imported
gpg: key EFE21092: public key "Ubuntu CD Image Automatic Signing Key (2012) <cdimage@ubuntu.com>" imported
cjx0409@rog:~$ sudo apt update 命中:1 http://mirrors.aliyun.com/ubuntu jammy InRelease 命中:2 http://mirrors.aliyun.com/ubuntu jammy-updates InRelease 命中:3 http://mirrors.aliyun.com/ubuntu jammy-backports InRelease 获取:4 http://mirrors.aliyun.com/ubuntu jammy-security InRelease [129 kB] 已下载 129 kB,耗时 1秒 (183 kB/s) 正在读取软件包列表... 完成 正在分析软件包的依赖关系树... 完成 正在读取状态信息... 完成 有 3 个软件包可以升级。请执行 ‘apt list --upgradable’ 来查看它们。 cjx0409@rog:~$ cat /etc/apt/sources.list # deb cdrom:[Ubuntu 22.04.5 LTS _Jammy Jellyfish_ - Release amd64 (20240911)]/ jammy main restricted # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://mirrors.aliyun.com/ubuntu/ jammy main restricted # deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted # deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://mirrors.aliyun.com/ubuntu/ jammy universe # deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy universe deb http://mirrors.aliyun.com/ubuntu/ jammy-updates universe # deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://mirrors.aliyun.com/ubuntu/ jammy multiverse # deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy multiverse deb http://mirrors.aliyun.com/ubuntu/ jammy-updates multiverse # deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy-updates multiverse ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. deb http://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse # deb-src http://cn.archive.ubuntu.com/ubuntu/ jammy-backports main restricted universe multiverse deb http://mirrors.aliyun.com/ubuntu/ jammy-security main restricted # deb-src http://security.ubuntu.com/ubuntu jammy-security main restricted deb http://mirrors.aliyun.com/ubuntu/ jammy-security universe # deb-src http://security.ubuntu.com/ubuntu jammy-security universe deb http://mirrors.aliyun.com/ubuntu/ jammy-security multiverse # deb-src http://security.ubuntu.com/ubuntu jammy-security multiverse # This system was installed using small removable media # (e.g. netinst, live or single CD). The matching "deb cdrom" # entries were disabled at the end of the installation process. # For information about how to configure apt package sources, # see the sources.list(5) manual. cjx0409@rog:~$ ls /etc/apt/sources.list.d/ cjx0409@rog:~$ ls /etc/apt/sources.list.d cjx0409@rog:~$ sudo sh -c '. /etc/lsb-release && echo "deb http://mirrors.tuna.tsinghua.edu.cn/ros/ubuntu/ jammy main" > /etc/apt/sources.list.d/ros-latest.list' [sudo] cjx0409 的密码: cjx0409@rog:~$ cat /etc/apt/sources.list.d/ros-latest.list deb http://mirrors.tuna.tsinghua.edu.cn/ros/ubuntu/ jammy main cjx0409@rog:~$ sudo rm /usr/share/keyrings/ros-archive-keyring.gpg [sudo] cjx0409 的密码: cjx0409@rog:~$ sudo apt update 忽略:1 http://mirrors.tuna.tsinghua.edu.cn/ros/ubuntu jammy InRelease 错误:2 http://mirrors.tuna.tsinghua.edu.cn/ros/ubuntu jammy Release 404 Not Found [IP: 101.6.15.130 80] 命中:3 http://mirrors.aliyun.com/ubuntu jammy InRelease 命中:4 http://mirrors.aliyun.com/ubuntu jammy-updates InRelease 命中:5 http://mirrors.aliyun.com/ubuntu jammy-backports InRelease 命中:6 http://mirrors.aliyun.com/ubuntu jammy-security InRelease 正在读取软件包列表... 完成 E: 仓库 “http://mirrors.tuna.tsinghua.edu.cn/ros/ubuntu jammy Release” 没有 Release 文件。 N: 无法安全地用该源进行更新,所以默认禁用该源。 N: 参见 apt-secure(8) 手册以了解仓库创建和用户配置方面的细节。 cjx0409@rog:~$ 这个是我的操作步骤你分析一下
最新发布
07-10
<think>我们分析用户的操作步骤,发现两个关键问题: 1. 用户添加了清华镜像站的ROS源(针对jammy),但该镜像站实际不支持jammy发行版(出现404错误) 2. 用户删除了ROS的GPG密钥(ros-archive-keyring.gpg),这会导致即使源可用也无法验证签名 当前状态: - 系统基础源(阿里云镜像)工作正常(apt update能成功获取基础更新) - 但ROS源因清华镜像站不支持jammy而失败,且缺少GPG密钥 需要执行的修复操作: 1. 更换ROS软件源(从中科大或阿里云选择支持jammy的ROS源) 2. 重新安装ROS GPG密钥 ### 修复步骤 #### 步骤1:修改ROS软件源 ```bash # 删除当前无效的清华源列表 sudo rm /etc/apt/sources.list.d/ros-latest.list # 创建新的源(使用中科大镜像) sudo sh -c 'echo "deb https://mirrors.ustc.edu.cn/ros/ubuntu/ jammy main" > /etc/apt/sources.list.d/ros-latest.list' # 或者使用阿里云ROS镜像(如果支持) # sudo sh -c 'echo "deb http://mirrors.aliyun.com/ros/ubuntu/ jammy main" > /etc/apt/sources.list.d/ros-latest.list' ``` #### 步骤2:重新安装GPG密钥 ```bash # 下载并安装官方ROS密钥(使用中科大镜像提供的密钥服务) sudo apt install curl -y curl -sSL 'https://keys.opensuse.org/repositories/ROS:/Main:/ubuntu:/jammy/Release.key' | sudo gpg --dearmor -o /usr/share/keyrings/ros-archive-keyring.gpg # 或者直接从中科大镜像下载密钥 # curl -sSL https://mirrors.ustc.edu.cn/ros/ros.key | sudo gpg --dearmor -o /usr/share/keyrings/ros-archive-keyring.gpg ``` #### 步骤3:更新APT并验证 ```bash sudo apt update # 应看到中科大ROS源的命中信息 ``` ### 错误原因总结 | 步骤 | 问题 | 后果 | 解决方案 | |------|------|------|----------| | 添加清华ROS源 | 该镜像站未同步Ubuntu Jammy的ROS仓库 | 返回404错误 | 更换支持Jammy的镜像站 | | 删除GPG密钥 | 缺少验证软件包签名的密钥 | 即使源正确也会报GPG错误 | 重新安装密钥 | > 📌 验证命令:`ls /usr/share/keyrings/ros-archive-keyring.gpg` 和 `sudo apt update | grep ros` --- §§相关问题§§ 1. 如何判断一个APT镜像站是否支持特定的Ubuntu版本和软件仓库组合? 2. 如果重新安装ROS GPG密钥后仍然出现签名验证失败,应该如何进一步排查? 3. 除了curl,还有哪些安全的方法可以获取并安装APT仓库的GPG密钥? 4. 当多个镜像站都不可用时,如何直接使用官方源并解决网络访问问题? 5. 如何编写脚本自动检测并修复APT源和密钥的常见错误?</think>### 操作步骤分析及问题诊断 #### 🔍 您的操作流程梳理: 1. **初始状态** - 执行 `sudo apt update` 成功,基础源(阿里云)正常 - `/etc/apt/sources.list` 仅包含阿里云Ubuntu源,无ROS源 - `/etc/apt/sources.list.d/` 目录为空 2. **添加ROS源** ```bash sudo sh -c '. /etc/lsb-release && echo "deb http://mirrors.tuna.tsinghua.edu.cn/ros/ubuntu/ jammy main" > /etc/apt/sources.list.d/ros-latest.list' ``` → 添加了清华镜像站的ROS源(针对Jammy) 3. **删除密钥** ```bash sudo rm /usr/share/keyrings/ros-archive-keyring.gpg ``` → 移除ROS仓库的GPG验证密钥 4. **更新失败** ```bash sudo apt update ``` → 出现 `404 Not Found` 和 `没有Release文件` 错误 #### ⚠️ 核心问题诊断: | 步骤 | 错误操作 | 后果 | 解决方案 | |------|----------|------|----------| | 添加ROS源 | 使用清华镜像站 | 该站**未同步Jammy版**ROS仓库 | 更换支持Jammy的镜像源 | | 删除密钥 | 移除GPG密钥 | 即使源正常也会导致**验证失败** | 重新安装密钥 | | 组合问题 | 错误源+缺失密钥 | 双重错误导致更新完全阻塞 | 需同时修复两个问题 | #### ✅ 完整修复方案: ```bash # 1. 删除无效的清华ROS源 sudo rm /etc/apt/sources.list.d/ros-latest.list # 2. 添加支持Jammy的源(任选其一) # 中科大源(推荐): sudo sh -c 'echo "deb https://mirrors.ustc.edu.cn/ros/ubuntu jammy main" > /etc/apt/sources.list.d/ros-latest.list' # 或阿里云ROS源: sudo sh -c 'echo "deb http://mirrors.aliyun.com/ros/ubuntu jammy main" > /etc/apt/sources.list.d/ros-latest.list' # 3. 重新安装GPG密钥 sudo apt install curl -y curl -sSL https://raw.githubusercontent.com/ros/rosdistro/master/ros.key | sudo gpg --dearmor -o /usr/share/keyrings/ros-archive-keyring.gpg # 4. 更新验证 sudo apt update ``` > 预期成功输出: > `命中:1 https://mirrors.ustc.edu.cn/ros/ubuntu jammy InRelease` ---
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值