我访问的所有密钥服务器都超时了。我需要在不检查公钥签名的情况下安装软件包。有没有办法绕过所有的签名检查/忽略所有的签名错误,或者欺骗apt以为签名已通过?
我非常清楚这样做是危险的。
我非常清楚这样做是危险的。
--allow-unauthenticated
选项传递给apt-get
,如下所示:sudo apt-get --allow-unauthenticated upgrade
apt-get
的手册页面中:
--allow-unauthenticated
忽略无法验证的软件包并且不会提示。这对于像pbuilder这样的工具非常有用。配置项: APT::Get::AllowUnauthenticated。
您可以通过在/etc/apt/apt.conf.d/
目录下使用自己的配置文件来使此设置永久生效。文件名可以是99myown
,并且可以包含以下内容:
APT::Get::AllowUnauthenticated "true";
apt-get
命令,但不能使用普通的 apt
命令。 - Tor Klingbergecho "deb http://your.repo.domain/repository/ $(lsb_release -c -s) universe" | sudo tee /etc/apt/sources.list.d/your-repo-name.list
sudo apt -o Acquire::AllowInsecureRepositories=true \
-o Acquire::AllowDowngradeToInsecureRepositories=true \
update
## if the 'apt update' above fails it is likely due to previously
## having the GPG key and repository on the system, you can clean
## out the old lists with `sudo rm /var/lib/apt/lists/your.repo.domain*`
apt-get -o APT::Get::AllowUnauthenticated=true install repo-keyring-pkgname
## If you ever run `sudo apt-key del your-repos-keyID`
## you may have to `sudo apt remove --purge repo-keyring-pkgname`
## Update should run without the GPG warnings now that the key is installed
apt-get update
apt-get install somepkg-from-repo
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E3CA1A89941C42E6
就可以避免所有额外的软件包麻烦。sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E3CA1A89941C42E6
解决了!非常感谢! - Benedikt Köppelapt-get update
仍然收到EXPKEYSIG的错误提示。 - MitarAPT{Ignore {"gpg-pubkey"; }};
APT { Get { AllowUnauthenticated "1"; }; };
时就可以工作了。 - php-coder/etc/apt/apt.conf.d/99allow_unauth
文件,并将以下内容添加进去:APT { Get { AllowUnauthenticated "1"; }; };
deb [ allow-insecure=yes ] http...