When running sudo apt update, I am presented with the following error:
Err:4 https://apt.releases.hashicorp.com focal InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AA16FCBCA621E701
How can I fix this?
3
Answers
The GPG key is outdated or missing.
Run this code to remove the outdated key
sudo rm /usr/share/keyrings/hashicorp-archive-keyring.gpgAnd this to obtain the current key:
curl https://apt.releases.hashicorp.com/gpg | gpg --dearmor > /usr/share/keyrings/hashicorp-archive-keyring.gpgI had the run that last one under root (
sudo -s), as I couldn't get sudo to play ball with the pipe character. Not really sure whyRemove the exiting Hashicorp files under
/etc/apt/sources.list.d/and then follow the official guide:So the problem is with the sources.list file being used. Ultimately it links to a keyring, which doesn’t contain key
AA16FCBCA621E701.In my case this was the file
/etc/apt/sources.list.d/hashicorp.listThe above notes (thank you MacroMan), led me to this (which creates a new, valid hashicorp-archive-keyring.gpg, his original instructions don’t work unless you’re running as
su - root, which I never do)With the new keyring, edit the above file to replace
terraform-archive-keyring.gpgwithhashicorp-archive-keyring.gpgandsudo apt-get updateshould run without errors.Alternatively (I didn’t run this, but someone might find it useful, as it recreates the sources.list using
sudo tee, so doesnt need to be run as root, as>does)