尝试更新Debian服务器时,出现以下警告:
WARNING: The following packages cannot be authenticated!
e2fslibs e2fsprogs perl libperl5.20 perl-base perl-modules tar libapparmor1 libseccomp2 libsystemd0 libudev1 udev systemd ifupdown
systemd-sysv libprocps3 procps libgpg-error0 libgcrypt20 libcomerr2 libss2 libssl-dev libssl1.0.0 git git-man libldap-common
libldap-2.4-2 libcurl3-gnutls bash-completion libsqlite3-0 libfftw3-double3 libmagickwand-6.q16-2 libmagickcore-6.q16-2
imagemagick-common curl libcurl3 libfastjson4 libglib2.0-0 liblognorm5 mysql-common libmysqlclient18 libpcap0.8 libpulse0 librbd1
librados2 mosh rsyslog wget augeas-lenses ca-certificates-java dh-python htop libaugeas0 libcupsimage2 libcups2 libecj-java
libglib2.0-data libnss-myhostname libtcnative-1 libtomcat8-java linux-libc-dev openssl python-pkg-resources python-pyinotify
python3-pkg-resources shared-mime-info socat tmux tomcat8-common tomcat8
Install these packages without verification? [y/N] y
Get:1 http://ftp.fr.debian.org/debian/ jessie/main libboost-iostreams1.55.0 amd64 1.55.0+dfsg-3 [48.9 kB]
Get:2 http://ftp.debian.org/debian/ jessie-backports/main e2fslibs amd64 1.43.3-1~bpo8+1 [210 kB]
Get:3 http://ftp.fr.debian.org/debian/ jessie/main libboost-random1.55.0 amd64 1.55.0+dfsg-3 [30.3 kB]
Get:4 http://ftp.debian.org/debian/ jessie-backports/main e2fsprogs amd64 1.43.3-1~bpo8+1 [924 kB]
Get:5 http://ftp.debian.org/debian/ jessie-backports/main tar amd64 1.29b-1~bpo8+1 [752 kB]
Get:6 http://ftp.debian.org/debian/ jessie-backports/main libapparmor1 amd64 2.10.95-4~bpo8+2 [75.8 kB]
...etc
我看到没有使用https。这是这里的问题吗?我该如何解决这个问题?
根据要求更新:
apt键列表:
/etc/apt/trusted.gpg
--------------------
pub 1024D/BA684223 2012-02-08 [expired: 2017-04-19]
uid isv:ownCloud OBS Project <isv:[email protected]>
pub 2048R/557BEFF9 2016-09-25 [expires: 2018-12-04]
uid isv:ownCloud OBS Project <isv:[email protected]>
pub 2048R/479BC94B 2013-08-26 [expires: 2018-08-25]
uid ownCloud build service <obsrun@localhost>
sub 2048R/8DE365D9 2013-08-26 [expires: 2018-08-25]
sub 2048D/86EB6027 2013-08-26 [expires: 2018-08-25]
sub 2048g/1722EF54 2013-08-26 [expires: 2018-08-25]
/etc/apt/trusted.gpg.d/debian-archive-jessie-automatic.gpg
----------------------------------------------------------
pub 4096R/2B90D010 2014-11-21 [expires: 2022-11-19]
uid Debian Archive Automatic Signing Key (8/jessie) <[email protected]>
/etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg
-------------------------------------------------------------------
pub 4096R/C857C906 2014-11-21 [expires: 2022-11-19]
uid Debian Security Archive Automatic Signing Key (8/jessie) <[email protected]>
/etc/apt/trusted.gpg.d/debian-archive-jessie-stable.gpg
-------------------------------------------------------
pub 4096R/518E17E1 2013-08-17 [expires: 2021-08-15]
uid Jessie Stable Release Key <[email protected]>
/etc/apt/trusted.gpg.d/debian-archive-stretch-automatic.gpg
-----------------------------------------------------------
pub 4096R/F66AEC98 2017-05-22 [expires: 2025-05-20]
uid Debian Archive Automatic Signing Key (9/stretch) <[email protected]>
sub 4096R/B7D453EC 2017-05-22 [expires: 2025-05-20]
/etc/apt/trusted.gpg.d/debian-archive-stretch-security-automatic.gpg
--------------------------------------------------------------------
pub 4096R/8AE22BA9 2017-05-22 [expires: 2025-05-20]
uid Debian Security Archive Automatic Signing Key (9/stretch) <[email protected]>
sub 4096R/331F7F50 2017-05-22 [expires: 2025-05-20]
/etc/apt/trusted.gpg.d/debian-archive-stretch-stable.gpg
--------------------------------------------------------
pub 4096R/1A7B6500 2017-05-20 [expires: 2025-05-18]
uid Debian Stable Release Key (9/stretch) <[email protected]>
/etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg
----------------------------------------------------------
pub 4096R/46925553 2012-04-27 [expires: 2020-04-25]
uid Debian Archive Automatic Signing Key (7.0/wheezy) <[email protected]>
/etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg
-------------------------------------------------------
pub 4096R/65FFB764 2012-05-08 [expires: 2019-05-07]
uid Wheezy Stable Release Key <[email protected]>
我看到没有使用https。这是这里的问题吗?
不,Debian软件包使用签名的哈希进行身份验证,并且不依赖于传输的安全性。
我该如何解决这个问题?
与我最初评论的相反,您apt
(以及和apt-get
和aptitude
,它们都使用相同的密钥配置)已正确设置,并具有适当的密钥。这意味着在此update
阶段发生了错误;apt
本来会抱怨无法在更新期间验证存储库索引。
您可以再试apt update
一次;如果成功,则一切都很好(除非同时损坏了您下载的软件包),否则错误应该会为发生的事情提供一个更好的线索。
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句