Apt proxy is not signed

jeremiah.roth · February 25, 2021, 11:00pm

I’ve configured a few apt proxies (NXRM v3.29.2) and they appear to be populating correctly, however after configuring my apt client to use these proxies (just using /etc/apt/sources.list, no auth), I get this when trying to use it:

W: GPG error: https://nexus.company.io/repository/Ansible-Bionic bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 93C4A3FD7BB9C367
W: The repository 'https://nexus.company.io/repository/Ansible-Bionic bionic InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

I can use the --allow-insecure-repositories flag to apt-get update and --allow-unauthenticated with apt-get install but is there a better way?

Did I miss something?

fravashy · April 26, 2021, 8:31am

Same here. OSS 3.28.1-01 with proxy apt repos for security.debian.org and deb.debian.org.

holmfry · August 9, 2022, 6:17pm

I’m having this same issue with some (not all, interestingly enough) of my apt proxies. Did you guys ever get this figured out? This is one of the only hits I could find of my exact issue.

Thanks!
OSS 3.39.0-01

jeremiah.roth · August 9, 2022, 8:31pm

I didn’t. I shelved my attempt and just haven’t gotten back around to tackling it again.

holmfry · August 10, 2022, 1:46pm

OK, thanks for letting me know! I ended up having to manually grab the gpg keys for the original repo from the ubuntu keyserver, but that’s not a great solution. I’ll update if I make it work for real.