APT Repo Public Key Expiration & Update

Also !

+1
same issue

The repo moved. The APT/RPM 'testing' (Milestone) repository has moved

okay, but how do we fix that? can we still stay on release (stable) version or do we have to testing version?

I was able to install by disabling signature check in the file /etc/apt/source.list.d/openhab2.list with deb [trusted=yes] https://dl.bintray.com/openhab/apt-repo2 stable main.

The option [trusted=yes] disable the check of the signature and has to be removed as soon as the signing problem is fixed.

5 Likes

Thanks for this advice!

The note of jclugeon helping me for the moment! THX

Iā€™m working on Raspberry 4, both getting new key and disabling signature check didnā€™t work. Iā€™m on stable release.
Any ideas?

That worked for me with:

`deb [trusted=yes] https://dl.bintray.com/openhab/apt-repo2 stable mainā€™

Thank you!

1 Like

you can get the stable version from jfrogio also

echo ā€˜deb https://openhab.jfrog.io/openhab/openhab-linuxpkg stable mainā€™ | sudo tee /etc/apt/sources.list.d/openhab2.list
sudo apt update

should be the correct way, as swamiller said (APT Repo Public Key Expiration & Update), the repo has moved

you really shouldnā€™t use [trusted=yes]

3 Likes

That worked for me!

indeed the first-boot.bash worked after applying that command.

just for info: today i wanted to make a fresh install, because yesterday i changed many things to make the installation work. i wanted to apply the command before any setup starts. i found out, that in the meantime the problem got fixed on github: https://github.com/openhab/openhabian/commit/1741bb777d7656af848c64dad3987910438bea46
thank you for providing a solution so fast!

I did the key update as suggested (see output from apt-key list)

/etc/apt/trusted.gpg

pub rsa4096 2015-07-25 [SC] [expires: 2023-07-24]
EDB7 D030 4E2F CAF6 29DF 1163 0757 21F6 A224 060A
uid [ unknown] openHAB Bintray Repositories owner@openhab.org
sub rsa4096 2015-07-25 [E] [expires: 2023-07-25]

ā€¦ and it seems to contain the updated key. But it didnā€™t work. Neither did
the trusted=yes option for me.

So whatā€™s the supposed solution?

Should I change the repository as suggested?
https://www.openhab.org/docs/ still points to bintray?

Or should I just wait until the problem is fixed?
Are you still working on the fix?

Thanks!

Now I installed the actual openHABian v1.5 based on Debian Buster supports RPi4 on my Raspberry pi 2 and itā€™s okay. No more Errors.

Adding [trusted=yes] did not work for me immediately. There seems to be a bug in apt on Ubuntu that does not disable the signature check if the lists had already been downloaded before. Removing the local package lists fixed it:

sudo rm /var/lib/apt/lists/*openhab*

1 Like

Thanks, that helped on my Debian stretch.

But still this can only be a workaround.

I have tried, but still not working for me.
(Armbian / orangepi-pc)

My system also does not accept the signature of this repo:

W: GPG-Fehler: https://openhab.jfrog.io/openhab/openhab-linuxpkg stable Release: Die folgenden Signaturen waren ungĆ¼ltig: EXPKEYSIG 075721F6A224060A openHAB Bintray Repositories <owner@openhab.org>
W: The repository 'https://openhab.jfrog.io/openhab/openhab-linuxpkg stable Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

How do I get OpenHAB updates working again?

1 Like

Same issue with the repository not being signed.

sudo apt-get update
[...]
Reading package lists... Done
W: The repository 'https://dl.bintray.com/openhab/apt-repo2 stable Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

deb https://openhab.jfrog.io/openhab/openhab-linuxpkg stable main was added to sources and I updated the key.

sudo apt-key list gave me this for the repository key.

[...]
pub   rsa4096 2015-07-25 [SC] [expires: 2023-07-24]
      EDB7 D030 4E2F CAF6 29DF  1163 0757 21F6 A224 060A
uid           [ unknown] openHAB Bintray Repositories <owner@openhab.org>
sub   rsa4096 2015-07-25 [E] [expires: 2023-07-25]

The documentation for Linux listed the new and old repositories. The old directions didnā€™t have the jfrog.io repository leading me to believe the directions were updated and both repositories should be in the sources. So Iā€™m not sure if there is still a problem in the repository, it seems like the problem started when the key was renewed.

A post above said the snapshot repository changed, but did the stable release repository change hosts as well?

folks,

Iā€™m also getting an error with this.
RPi-4 running Buster
added the key and now I get this

pub   rsa4096 2015-07-25 [SC] [expires: 2023-07-24]
      EDB7 D030 4E2F CAF6 29DF  1163 0757 21F6 A224 060A
uid           [ unknown] openHAB Bintray Repositories <owner@openhab.org>
sub   rsa4096 2015-07-25 [E] [expires: 2023-07-25]

ā€¦which looks right?

and an apt update gives me this;

root@homeauto:~# apt update
Hit:1 http://raspbian.raspberrypi.org/raspbian buster InRelease
Hit:2 http://archive.raspberrypi.org/debian buster InRelease
Ign:3 http://repos.azulsystems.com/debian stable InRelease
Ign:4 https://dl.bintray.com/openhab/apt-repo2 stable InRelease
Hit:5 http://repos.azulsystems.com/debian stable Release
Get:6 https://dl.bintray.com/openhab/apt-repo2 stable Release [6,051 B]
Ign:7 https://dl.bintray.com/openhab/apt-repo2 stable Release.gpg
Reading package lists... Done
E: The repository 'https://dl.bintray.com/openhab/apt-repo2 stable Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Iā€™ve tried the various tips above like deleting the cache etc but itā€™s still the same; fails.

Is there any difference between Debian Jessie and Buster for this?

Hi,
I tried this but leads me to:

Hit:1 http://ppa.launchpad.net/webupd8team/java/ubuntu xenial InRelease
Hit:2 http://raspbian.raspberrypi.org/raspbian stretch InRelease
Hit:3 http://archive.raspberrypi.org/debian stretch InRelease
Hit:4 https://download.docker.com/linux/debian jessie InRelease
Hit:5 https://repos.influxdata.com/debian jessie InRelease
Ign:6 https://openhab.jfrog.io/openhab/openhab-linuxpkg 54 InRelease
Err:7 https://openhab.jfrog.io/openhab/openhab-linuxpkg 54 Release
404 Not Found
Reading package listsā€¦ Done
E: The repository ā€˜https://openhab.jfrog.io/openhab/openhab-linuxpkg 54 Releaseā€™ does not have a Release file.
N: Updating from such a repository canā€™t be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Any ideas how to go on?
I think Iā€™ll try [trusted=yes] for the moment

BR
Markus