How do I bypass/ignore the gpg signature checks of apt?

apt gnupg

Solution 1:

Pass the --allow-unauthenticated option to apt-get as in:

sudo apt-get --allow-unauthenticated upgrade

From tha manual page of apt-get:

--allow-unauthenticated
Ignore if packages can't be authenticated and don't prompt about it. This is useful for tools like pbuilder. Configuration Item: APT::Get::AllowUnauthenticated.

You can make this setting permanent by using your own config file at /etc/apt/apt.conf.d/ dir. The filename can be 99myown and it may contain this line:

APT::Get::AllowUnauthenticated "true";

In this way, you don't need to use the option every time you want to install software. Note: I do not recommend setting this option by default, it bypasses signature checks that could allow an adversary to compromise your computer.

Solution 2:

If you are trying to get a package from a repository where they packaged the keys and include them within the repository and no where else, it can be very annoying to download and install the key/keyring package using dpkg, and very difficult to do so in an easily scriptable and repeatable manner.

The below script is not recommended if you can install the keys from a keyserver or download them from a trusted source via https, but if you don't have ANY other way, you can use this.

echo "deb http://your.repo.domain/repository/ $(lsb_release -c -s) universe" | sudo tee /etc/apt/sources.list.d/your-repo-name.list

sudo apt -o Acquire::AllowInsecureRepositories=true \
-o Acquire::AllowDowngradeToInsecureRepositories=true \
update

## if the 'apt update' above fails it is likely due to previously
## having the GPG key and repository on the system, you can clean
## out the old lists with `sudo rm /var/lib/apt/lists/your.repo.domain*`

apt-get -o APT::Get::AllowUnauthenticated=true install repo-keyring-pkgname

## If you ever run `sudo apt-key del your-repos-keyID`
## you may have to `sudo apt remove --purge repo-keyring-pkgname`
## Update should run without the GPG warnings now that the key is installed

apt-get update
apt-get install somepkg-from-repo

I originally put this together because i3 in their sur5r repo does this, but then I found out their keys are in the keyserver.ubuntu.com list, so I can just sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E3CA1A89941C42E6 and avoid all the extra package hassles.

Solution 3:

Maybe you can try to create the file /etc/apt/apt.conf (it will be read if you create it) and insert this code:

APT{Ignore {"gpg-pubkey"; }};

Related

How do I install and run a TFTP server?
How to compile a python file?
How to set the fully qualified domain name in 12.04?
How to change the screen resolution when using RDesktop?
hidden files always being shown
Multi-Core Compression tools
How would a local government make the switch from Windows to Ubuntu?
Virtualbox not seeing any usb devices in the usb filters settings
What will happen when the Code Names of the Ubuntu releases get to Z [closed]
"This account is currently not available" error when trying to ssh
What is the equivalent of an "exe file"?
What is a activity in KDE and what can I do with it?