Waking up this morning, running a whonixcheck as usual, got some packages to update, running an apt-get update, but got an :
W: An error occurred during the signature verification [...] couldn't be verified because the public key is not available : NO_PUBKEY CB8D50BB77BB3C48
W: Failed to fetch http://souceforge[...]whonixdevelopermetafiles[...]dists/stable/InRelease
and the ‘classical’
This last one is ok since I understand what had going on.
But the two first worried me a bit.
Did something happen this night ? I know adrelanos changed is GPG key, is it related ? I guess no.
Am I the only one getting this ?
Thanks.
(Btw, great move on the pseudonimity adrelanos)
Edit : Restored a previous state of the VM, just in case it somehow have been compromised or whatever, having the same issue.
Thank you for reporting this. Nothing to worry about. My mistake. Fixed. (Should work again in 10 minutes as usual.)
(Technical background: I refreshed (valid-until) the signature of Whonix’s apt repository. Gpg automatically choose my new gpg key, which hasn’t been added to apt’s keys yet. Made the choice of the key explicit.)
I hope this won’t be necessary. I was planing to sign the repository with both keys for a transitional period. And deploying the new key by an upgrade signed by my old key.
So unless you’re at some point in future updating a very old build of Whonix, I hope it won’t be necessary to manually get my key.