Before going to check the issue and it’s solution, let’s first check What is GPG?.
GPG (or GNU Privacy Guard) is an open source implementation of PGP. It is an encryption technique which was originally developed for e-mail messaging exchanges and that is now using in a number of different applications e.g. code signing for Linux code repositories and source code repositories like github. It is a cryptography package that allows users to exchange encrypted messages as well as digitally “sign” messages.
You might get issue for missing public GPG key error “NO_PUBKEY” on Ubuntu, Linux Mint or Debian based Linux distribution when executing update command.
$ sudo apt update
or
$ sudo apt-get update
If these errors aren’t fixed, apt will create problems when installing or upgrading packages.
The apt packaging system has a set of trusted keys that determine whether a package can be authenticated or not and therefore trusted packages can be installed on the system.
When you are running an sudo apt update or sudo apt-get update command then system shows you some error and prints on terminal window about not being able to download all repository indexes, it shows error something like below image.
If we looking at the error above, apt is telling us that the following keys are missing: 78BD65473CB3BD13. This can happen for various reasons e.g. when you add a repository to the system, you may forget to add its public key, or maybe there was a some key server error when trying to import the GPG key.
In above image, it shows [NO_PUBKEY] error for google chrome, but this issue can occur with other repository as well, e.g. PPA repositories, repositories provided by Nodejs, Yarn or any other repository.
Error message in above image says that the repository is not updated. That means you won’t receive updates from that repository, so you should import the public GPG key to fix this issue.
Let check two solutions below resolving above issue :
- One for fixing single GPG repository key.
- Other one for fixing all missing GPG key.
Solution 1: [NO_PUBKEY] fix for a single repository / key.
If you are missing only one public GPG repository key then you can run below command on your terminal window:
$ sudo apt-key adv --keyserver hkp://pool.sks-keyservers.net:80 --recv-keys THE_MISSING_KEY_HERE
You’ll have to replace THE_MISSING_KEY_HERE with the missing GPG key shown on your terminal window, after NO_PUBKEY. For example, in the image above, the missing GPG key that must be used in this command is 78BD65473CB3BD13.
Therefore for fixing the error which shown in above image, the command would be like below:-
$ sudo apt-key adv --keyserver hkp://pool.sks-keyservers.net:80 --recv-keys 78BD65473CB3BD13
Solution 2: Batch import all missing GPG keys.
When you’re missing multiple public OpenPGP keys you can use one-line command to import all of them in one go using the command below:
$ sudo apt update 2>&1 1>/dev/null | sed -ne 's/.*NO_PUBKEY //p' | while read key; do if ! [[ ${keys[*]} =~ "$key" ]]; then sudo apt-key adv --keyserver hkp://pool.sks-keyservers.net:80 --recv-keys "$key"; keys+=("$key"); fi; done
Note:- For Ubuntu Specific you can also use keyserver.ubuntu.com in replacement with hkp://pool.sks-keyservers.net
All Rights Reserved. ReadAndCare