apt-key add on Debian Stretch: no valid OpenPGP data found
I'm trying to follow the installation instructions for Debian provided on Docker website. Unfortunately adding a GPG key fails for me:
$ curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
gpg: WARNING: nothing exported
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
I've tried to download the key and add it from the local file system, but the effect is the same:
$ apt-key add docker.gpg
gpg: WARNING: nothing exported
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
The same happens for other keys, e.g. VirtualBox:
$ apt-key add oracle_vbox_2016.asc
gpg: WARNING: nothing exported
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
The keys looks fine:
$ cat docker.gpg
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth
lqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh
[...]
jCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG
YT90qFF93M3v01BbxP+EIY2/9tiIPbrd
=0YYhg
-----END PGP PUBLIC KEY BLOCK-----
$ shasum docker.gpg
f5b5bd1487cefc0c53c947e11ca202e86b33dbad docker.gpg
$ gpg --list-packets docker.gpg
# off=0 ctb=99 tag=6 hlen=3 plen=525
:public key packet:
version 4, algo 1, created 1487788586, expires 0
pkey[0]: [4096 bits]
pkey[1]: [17 bits]
keyid: 8D81803C0EBFCD88
# off=528 ctb=b4 tag=13 hlen=2 plen=43
:user ID packet: "Docker Release (CE deb) <[email protected]>"
# off=573 ctb=89 tag=2 hlen=3 plen=567
:signature packet: algo 1, keyid 8D81803C0EBFCD88
version 4, created 1487792064, md5len 0, sigclass 0x13
digest algo 10, begin of digest b2 c9
hashed subpkt 2 len 4 (sig created 2017-02-22)
hashed subpkt 27 len 1 (key flags: 2F)
hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 3)
hashed subpkt 21 len 4 (pref-hash-algos: 10 9 8 11)
hashed subpkt 22 len 4 (pref-zip-algos: 2 3 1 0)
hashed subpkt 30 len 1 (features: 01)
hashed subpkt 23 len 1 (keyserver preferences: 80)
subpkt 16 len 8 (issuer key ID 8D81803C0EBFCD88)
data: [4094 bits]
# off=1143 ctb=b9 tag=14 hlen=3 plen=525
:public sub key packet:
version 4, algo 1, created 1487788586, expires 0
pkey[0]: [4096 bits]
pkey[1]: [17 bits]
keyid: 7EA0A9C3F273FCD8
# off=1671 ctb=89 tag=2 hlen=3 plen=1086
:signature packet: algo 1, keyid 8D81803C0EBFCD88
version 4, created 1487788586, md5len 0, sigclass 0x18
digest algo 8, begin of digest f2 b8
hashed subpkt 2 len 4 (sig created 2017-02-22)
hashed subpkt 27 len 1 (key flags: 02)
subpkt 16 len 8 (issuer key ID 8D81803C0EBFCD88)
subpkt 32 len 540 (signature: v4, class 0x19, algo 1, digest algo 8)
data: [4095 bits]
Am I doing something wrong? What steps should I take to troubleshoot it further?
I'm on Debian Stretch. I don't have any firewall. I've tried it on several networks.
Just removing /etc/apt/trusted.gpg solves the problem. This is not harmful. all debian keys are stored in /etc/apt/trusted.gpg.d.
This trusted.gpg file is created by software-properties-gtk (for storing other repo keys, I guess) and it doesn't fit with apt on Debian Stretch.
Ref: https://readlist.com/lists/lists.debian.org/debian-user/77/388463.html
My answer is way too late, but since I had the same problem and I finally managed to solve it, here is the solution.
The symptoms: my apt-get was always refusing to update, because the keys could not be checked. Apt-key always refused to add new keys (saying there was no key to add when reading the key from gpg), so I was stuck.
It was in fact the file /etc/apt/trusted.gpg that got corrupted. After making a backup copy of this file, I re-imported into gpg the debian signing keys: 8B48AD6246925553, etc (see https://ftp-master.debian.org/keys.html): gpg --keyserver keyring.debian.org --recv-keys 8B48AD6246925553
Then deleted the file "trusted.gpg" and I used gpg to export the keys into /etc/apt/trusted.gpg: gpg --export 8B48AD646925553 >> trusted.gpg
Do it for each key, and apt-get works again!!
Mathias