Devuan Forgot to Renew the Key That Signs System Updates

Due to an invalid key, Devuan users have been unable to update their systems today. Fortunately, the problem has now been fixed.

ByBobby Borisov
OnSeptember 3, 2022
1 Comment

Devuan Project Forgot to Renew the Key That Signs System Updates

Devuan emerged in 2014 due to Debian’s transition to systemd following a long technical and widely publicized dispute. Like Debian, Devuan strives to be a general-purpose Linux distribution with desktop and server capabilities.

The distro, aimed at power users and proponents of systemd-free Linux systems, has gained popularity among GNU enthusiasts.

But the Devuan Project found itself in a slightly delicate situation today. Due to forgetting to renew the key with which all software updates are signed, they could not be applied.

Users first reported the issue on the official Devuan forum who were puzzled by an error message they received when attempting to update their systems. The exact case may be seen in the screenshot below.

The issue was quickly identified as caused by an expired key, which Devuan Project uses to sign all software updates. A simple check reveals that the five-year validity period expires on September 3, 2022.

gpg --list-keys BB23C00C61FC752CCode language: PHP (php)

pub   rsa4096 2017-09-04 [SC] [expired: 2022-09-03]
      E032601B7CA10BC3EA53FA81BB23C00C61FC752C
uid   [ expired] Devuan Repository (Amprolla3 on Nemesis) <repository@devuan.org>Code language: CSS (css)

Fortunately, the Devuan developers acted immediately, and the software key was renewed a few hours later. However, the conventional method of using the “apt update” command to apply the new key cannot be utilized.

Below are two alternative ways for downloading and installing the new key on your Devuan GNU/Linux system so that software updates can resume normally.

The first step is to use wget to obtain the software package with the updated key, then install it locally using the dpkg command.

wget http://deb.devuan.org/devuan/pool/main/d/devuan-keyring/devuan-keyring_2022.09.04_all.deb
dpkg -i devuan-keyring_2022.09.04_all.debCode language: JavaScript (javascript)

Installing the new Devuan software repo signing key

Then, using the APT command, you may effortlessly update your Devuan system.

The second approach is considerably more straightforward, as it takes advantage of the APT’s ability to use “insecure” software repositories and unsigned keys.

sudo apt update --allow-insecure-repositories
sudo apt install devuan-keyring --allow-unauthenticated

Whichever method you pick, our tests have proven that it is entirely effective and results in the resumption of applying software updates from the Devuan repos.

In conclusion, we can only hope and believe that those in charge of the Devuan Project have taken all necessary precautions to avoid such an awkward situation in the future. And, of course, admirations for the lightning reaction in resolving the issue.

Tell others:

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.

Linux News You'll Love!

Craving the latest in Linux? Get your weekly fix with our newsletter. It's everything Linux, straight to your inbox! It's fun, it's free, and it's full of insights!

Think You're an Ubuntu Expert? Let's Find Out!

Put your knowledge to the test in our lightning-fast Ubuntu quiz!
Ten questions to challenge yourself to see if you're a Linux legend or just a penguin in the making.

1 / 10

Ubuntu is an ancient African word that means:

United, we are stronger

Humanity to others

A god of wisdom worshipped by the Zulu tribe

2 / 10

Who is the Ubuntu's founder?

Mark Shuttleworth

Richard Stallman

Linus Torvalds

3 / 10

What year was the first official Ubuntu release?

2001

2002

2004

4 / 10

What does the Ubuntu logo symbolize?

South African symbol representing unity

Circle of friends

Astronomical symbol for satellites of a star

5 / 10

What package format does Ubuntu use for installing software?

RPM

DEB

TGZ

6 / 10

When are Ubuntu's LTS versions released?

Every two years, in April

After two minor releases

Following the release of a major Debian version

7 / 10

What is Unity?

An event-based replacement for the traditional init system used in Ubuntu

Ubuntu's display server

Desktop environment

8 / 10

What are Ubuntu versions named after?

Animals

Constellations

Cartoons' characters

9 / 10

What's Ubuntu Core?

An immutable version of Ubuntu for IoT and embedded systems

Module to Linux kernel used by Ubuntu

The main CI/CD system used in the development of Ubuntu

10 / 10

Which Ubuntu version is Snap introduced?

Ubuntu 16.04 LTS (Xenial Xerus)

Ubuntu 18.04 LTS (Bionic Beaver)

Ubuntu 19.10 (Eoan Ermine)

The average score is 68%

One comment

Johann

September 5, 2022 / 12:56 pm Reply

Only the wget-method worked for me on a devuan chimaera-system.

Regards
Johann

Devuan Forgot to Renew the Key That Signs System Updates

Tell others:

Bobby Borisov

Linux News You'll Love!

TRENDING

Support US

One comment

Leave a ReplyCancel Reply

Tell others:

Bobby Borisov

Linux News You'll Love!

Related Posts

Peppermint Mini ISOs Get a Major Update

Peppermint Mini: The Newest Member of the Peppermint OS Family

Devuan 5 (Daedalus) Released for the Purist GNU/Linux Users

Devuan Users Are at Risk, Take Action to Protect Your System

One comment

Leave a ReplyCancel Reply