SOLVED: Issue T100: KEYEXPIRED Error upon apt-get update from Whonix Repository
Issue present in versions up to Whonix 9.4 with the Whonix binary update repository enabled.
Forum Discussion:
[hr]
Whonix Qubes Solution
Whonix-Workstation TemplateVM
In Dom0 → Qubes Manager:
- Connect the TemplateVM to a Whonix-Gateway VM and enable internet connections.
In TemplateVM → Terminal:
fpr="916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA"
gpg --recv-keys "$fpr"
gpg --fingerprint "$fpr"
gpg --export "$fpr" | sudo apt-key add -
Then a normal update/upgrade should work without the KEYEXPIRED error…
sudo apt-get update
sudo apt-get dist-upgrade
Whonix-Gateway TemplateVM
Method #1
The Whonix-Gateway TemplateVM may not let you connect to the internet, except through the OS update service. So this first method may not work and you may need to try an additional method below.
In Dom0 → Qubes Manager:
- Connect the TemplateVM to a Whonix-Gateway VM and enable internet connections.
In TemplateVM → Terminal:
fpr="916B8D99C38EAF5E8ADC7A2A8D66066A2EEACCDA"
gpg --recv-keys "$fpr"
gpg --fingerprint "$fpr"
gpg --export "$fpr" | sudo apt-key add -
Then a normal update/upgrade should work without the KEYEXPIRED error…
sudo apt-get update
sudo apt-get dist-upgrade
Method #2
The faketime method will probably work for a long time, but it should not be used for a long time, because then we’d ignore the valid-until field for too long.
sudo faketime 2015-01-15 apt-get update
sudo apt-get dist-upgrade
Then a normal update/upgrade should work without the KEYEXPIRED error…
sudo apt-get update
sudo apt-get dist-upgrade
Method #3
In Whonix-Workstation VM → Terminal:
wget https://www.whonix.org/patrick.asc
In Whonix-Workstation VM → Files:
- Browse to directory containing patrick.asc
- Right click file patrick.asc
- Copy to other AppVM
- Enter the destination domain name as the name of your Whonix-Gateway TemplateVM
- Yes to approve file copy
In Whonix-Workstation TemplateVM → Terminal:
cd /home/user/QubesIncoming/<name-of-your-whonix-workstation-vm>/
sudo apt-key add patrick.asc
Then a normal update/upgrade should work without the KEYEXPIRED error…
sudo apt-get update
sudo apt-get dist-upgrade
[hr]
[b]Issue T100: KEYEXPIRED Error upon apt-get update from Whonix Repository
Posted by @WhonixQubes
January 17, 2015
https://phabricator.whonix.org/T100[/b]
KEYEXPIRED error upon apt-get update from Whonix repository reported and confirmed as happening in Qubes + Whonix.W: GPG error: http://sourceforge.net wheezy Release: The following signatures were invalid: KEYEXPIRED 1421449064 KEYEXPIRED 1421449064 KEYEXPIRED 1421449064 KEYEXPIRED 1421449659 KEYEXPIRED 1421449659 KEYEXPIRED 1421449064 KEYEXPIRED 1421449064 KEYEXPIRED 1421449064 KEYEXPIRED 1421449659 KEYEXPIRED 1421449064 KEYEXPIRED 1421449064 KEYEXPIRED 1421449064 KEYEXPIRED 1421449659
Forum Discussion: