Error adding Debian 12 main repository

Question

Error adding Debian 12 main repository

ghubz opened this issue a year ago · comments

Hi,

I am trying to add a mirror for http://deb.debian.org/debian bookworm main

however I keep getting:

gpgv: Signature made Sat Jun 10 12:33:58 2023 EEST using ? key ID 8783D481
gpgv: Can't check signature: unknown pubkey algorithm

The only difference I noticed between this key and all other on the system is that it is not RSA but EDDSA

/etc/apt/trusted.gpg.d/debian-archive-bookworm-stable.gpg
---------------------------------------------------------
pub   **ed25519** 2023-01-23 [SC] [expires: 2031-01-21]
      4D64 FEC1 19C2 0290 67D6  E791 F8D2 585B 8783 D481
uid           [ unknown] Debian Stable Release Key (12/bookworm) <debian-release@lists.debian.org>

I tried everything but nothing works.

The system is running Debian 10 with gpg from backports

gpg --version
gpg (GnuPG) 2.2.27
libgcrypt 1.8.4
Copyright (C) 2021 Free Software Foundation, Inc.
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: /root/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

I am running aptly v1.3.0+ds1-2.2deb10u2.
I have upgraded to 1.4.0+ds1-2bpo10+1 from backports but made no difference.

Any ideas?

ghubz · Answer 1 · Thu Jul 13 2023 14:45:51 GMT+0800 (China Standard Time)

To add to my previous message, changing the gpgProvider to "internal" in the config returns

Downloading http://deb.debian.org/debian/dists/bookworm/InRelease...
Downloading http://deb.debian.org/debian/dists/bookworm/Release...
Downloading http://deb.debian.org/debian/dists/bookworm/Release.gpg...
ERROR: unable to fetch mirror: failed to verify detached signature: openpgp: unsupported feature: public key algorithm 22

ghubz · Answer 2 · Thu Jul 13 2023 19:24:41 GMT+0800 (China Standard Time)

More info after testing:

On a newly installed Debian 11 it works fine.
On a newly installed Debian 10 it does not work. Upgrading the same machine to Debian 11 still does not resolve the issue.

On the Debian 11 that works gpg --list-keys returns no keys at all. :/
Exporting apt keys from This system to the others makes no difference.

basti-nis · Answer 3 · Thu Aug 10 2023 20:58:15 GMT+0800 (China Standard Time)

Hi @ghubz ,
I've faced the same issue and changed the gpgProvider from "gpg" to "gpg2". After that, it works for me.
I'm on debian 11 (upgraded from debian 10) and aptly v1.5.0 (nightly).