Kali Linux Update Failure Warning After Losing Repo Signing Key

Offensive Security (OffSec) is warning Kali Linux users to install the new Kali repository signing key manually to avoid update failures.

OffSec lost access to the old repository signing key (ED444FF07D8D0BF6) and had to create a new one (ED65462EC8D5E4C5), which has been signed by Kali Linux developers and can be retrieved from the Ubuntu OpenPGP key server. Because the old key was lost rather than compromised, it has not been removed from the keyring.

On systems that still carry only the old key, fetching the latest package list fails with the error “Missing key 827C8569F2518CC677FECA1AED65462EC8D5E4C5, which is required to verify the signature.”

Although OffSec did not disclose when the loss of the key was discovered, the company did say that the Kali Linux repository was frozen on February 18.

The company stated: “In the coming days, almost all Kali systems will be unable to update. […] This is not just your problem, it is everyone’s problem, and it is entirely our fault. We lost access to the repository signing key and had to create a new key.”

“Meanwhile, we have frozen the repository (you may have noticed that there have been no updates since Friday the 18th), so currently no one is affected. But we will unfreeze the repository this week, now that it has been signed with the new key.”

To avoid encountering these update issues, OffSec recommends users manually download and install the new repository signing key using the following command:

sudo wget https://archive.kali.org/archive-keyring.gpg -O /usr/share/keyrings/kali-archive-keyring.gpg

OffSec also explains how to check that the downloaded file's checksum matches and how to view the contents of the updated keyring. Users who would rather not update the keyring by hand can instead reinstall Kali from an updated image that already ships the new keyring.
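The refresh procedure above as a checked script, added here as an example rather than OffSec's own tooling: it downloads the keyring, verifies the digest and confirms the new key's fingerprint before installing. It assumes the expected digest is copied from OffSec's announcement (this page does not give the value) and that gpg is installed for the fingerprint check.

```shell
#!/bin/sh
# Added example (not OffSec's own script): the keyring refresh described above,
# with the verification the article mentions done before anything is installed.
# Assumptions: the expected digest comes from OffSec's announcement (not on this
# page; supplied as the first argument), and gpg is installed for the key check.
set -eu

KEYRING_URL="https://archive.kali.org/archive-keyring.gpg"
KEYRING_DST="/usr/share/keyrings/kali-archive-keyring.gpg"
NEW_KEY_FPR="827C8569F2518CC677FECA1AED65462EC8D5E4C5"   # fingerprint from the apt error

# Returns 0 when FILE's digest equals EXPECTED; the algorithm is chosen from the
# hex length (40 = SHA-1, 64 = SHA-256) so either published form can be pasted in.
keyring_checksum_ok() {
    file=$1; expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    case ${#expected} in
        40) actual=$(sha1sum "$file" | cut -d' ' -f1) ;;
        64) actual=$(sha256sum "$file" | cut -d' ' -f1) ;;
        *)  echo "unsupported digest length ${#expected}" >&2; return 2 ;;
    esac
    [ "$actual" = "$expected" ]
}

# Reads a `gpg --with-colons` key listing on stdin; returns 0 if an "fpr"
# record (fingerprint in field 10) matches the wanted fingerprint.
colons_has_fpr() {
    awk -F: -v want="$1" '$1 == "fpr" && $10 == want { found = 1 } END { exit found ? 0 : 1 }'
}

# Lists the keys in an OpenPGP keyring file in colon format (needs gpg).
keyring_colons() {
    gpg --batch --no-default-keyring --keyring "$1" --with-colons --list-keys
}

# Download, verify digest and fingerprint, then install to the path OffSec gives.
install_new_keyring() {
    expected=$1
    tmp=$(mktemp)
    wget -q "$KEYRING_URL" -O "$tmp"
    keyring_checksum_ok "$tmp" "$expected" || { echo "digest mismatch: not installing" >&2; rm -f "$tmp"; return 1; }
    keyring_colons "$tmp" | colons_has_fpr "$NEW_KEY_FPR" || { echo "new key $NEW_KEY_FPR absent" >&2; rm -f "$tmp"; return 1; }
    sudo install -m 0644 "$tmp" "$KEYRING_DST" && rm -f "$tmp"
}

# Usage: sh refresh-kali-keyring.sh <expected-digest-from-OffSec-announcement>
if [ $# -gt 0 ]; then install_new_keyring "$1"; fi
```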

This is not the first time Kali Linux users have had to update the keyring manually to keep updates working. In February 2018, Kali developers let the repository GPG key expire, and users likewise had to switch to the new key by hand.

The Kali team at that time stated: “If you do not update Kali regularly (*cough*), then your archive keyring package will expire, and you will encounter key mismatches when using our repository. This is bad for you, but at least you can manually update.”
