Why am I getting authentication errors for packages from an Ubuntu repository?

I'm experimenting with VPNs, so I wanted to install pptpd.

john@desktop:~$ sudo apt-get install pptpd
[sudo] password for john: 
<snip>
The following extra packages will be installed:
  bcrelay
The following NEW packages will be installed:
  bcrelay pptpd
0 upgraded, 2 newly installed, 0 to remove and 11 not upgraded.
Need to get 90.5 kB of archives.
After this operation, 442 kB of additional disk space will be used.
Do you want to continue [Y/n]? y

And everything runs fine until I get down to here:

WARNING: The following packages cannot be authenticated!
  bcrelay pptpd
Install these packages without verification [y/N]? n
E: Some packages could not be authenticated

No authentication? I'm no security expert, but I'm fairly sure that's a bad thing. So I check to see where the packages are coming from.

john@desktop:~$ apt-cache policy pptpd
pptpd:
  Installed: (none)
  Candidate: 1.3.4-3ubuntu1
  Version table:
     1.3.4-3ubuntu1 0
        500 http://us.archive.ubuntu.com/ubuntu/ natty/main i386 Packages
john@desktop:~$ apt-cache policy bcrelay
bcrelay:
  Installed: (none)
  Candidate: 1.3.4-3ubuntu1
  Version table:
     1.3.4-3ubuntu1 0
        500 http://us.archive.ubuntu.com/ubuntu/ natty/main i386 Packages

They're coming from Ubuntu.com and not being properly authenticated? What's going on here?


Solution 1:

apt-key utility

apt-key is used to manage the list of keys used by apt to verify packages. Packages which have been verified using these keys will be considered trusted. To update the local keyring with the keyring of Ubuntu archive keys and removes from the keyring the archive keys which are no longer valid.

$ sudo apt-key update
$ sudo apt-get update

try install something...

Solution 2:

sudo apt-get update

Was enough to fix it for me.

Solution 3:

I had this issue on Ubuntu 12.10 (Quantal Quetzal). The same issue occurred if I tried to use the Synaptic Package Manager GUI.

It turned out that my system was still set to use a proxy server for a network I was no longer connected to and thus could no longer use. Once I disabled the proxy server, apt was able to authenticate the packages properly.

In order to disable the proxy on Ubuntu 12.10 (Quantal Quetzal), follow these steps:

  1. Press the Super button on your keyboard (A.K.A. the Windows Logo button)
  2. Type Network and press enter
  3. Select Network Proxy
  4. Change the method to None
  5. Click Apply System Wide
  6. apt should now be able to authenticate the packages

Solution 4:

Beware corporate proxies!

I was getting WARNING: The following packages cannot be authenticated! for openjdk-7-jdk (amongst other packages), while sitting behind a proxy. Even configuring `/etc/apt/apt.conf' and Settings->NetworkSettings with Proxy config didn't allow the packages to be authenticated or installed.

Tried (while behind proxy): $ sudo apt-key update $ sudo apt-get update

Keys weren't updated, apt-get update updated some stuff, no warnings or errors. But I still couldn't could install openjdk-7-jdk.

Solution:

  1. Connect directly to net (ie avoid the corporate proxy)
  2. Switch off proxy config in Settings and /etc/apt/apt.conf
  3. sudo apt-key update
  4. sudo apt-get update
  5. sudo apt-get install openjdk-7-jdk

Packages are authenticated, downloaded and installed.