apt-get update issue in Kali
I’m running Kali Linux in WSL2. It’s a new installation (using wsl —install ) but when I try to apt-get update I get the following error:
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://mirrors.jevincanders.net/kali kali-rolling InRelease: The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository W: Failed to fetch http://http.kali.org/kali/dists/kali-rolling/InRelease The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository W: Some index files failed to download. They have been ignored, or old ones used instead.
Now I’ve seen other questions that suggest an apt-key command to fix this. However, this throws another error:
E: gnupg, gnupg2 and gnupg1 do not seem to be installed, but one of them is required for this operation
Which apt-key command did you run? GnuPG should already be installed by default (and indeed the initial output about signatures shows GPG is installed).
@fuzzydrawings this is the specific one I used: wget -q -O — https://archive.kali.org/archive-key.asc | apt-key add
if you can’t use apt may try downloading a compatible version of gnupg from debian package archive and then install the downloaded package with dpkg
10 Answers 10
Yes, there appears to be issues with Kali Linux WSL (not downloaded from Microsoft Store).
The Kali archive keys appear to be missing and cannot be installed using apt-add key since it relies on GnuPG, which cannot be installed using apt , since the signatures cannot be verified.
The best solution is the one submitted by Jim which installed the Kali archive keys from a Debian package. Once this is done apt update and apt upgrade will work.
- Download the Debian package for the Kali archive keys wget -O kali-archive-keyring_2020.2_all.deb https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2020.2_all.deb
- Install the Kali archive key package sudo dpkg -i kali-archive-keyring_2020.2_all.deb
- Update list of available packages from Kali repo sudo apt update
- Upgrade the WSL system sudo apt full-upgrade
if you encounter any 404 error messages when trying to download the keyring, please try the following:
Update 2022
for convenience reasons: the current keyring file changed, use the following commands:
# download wget http://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2022.1_all.deb # install sudo dpkg -i kali-archive-keyring_2022.1_all.deb # remove downloaded file again rm kali-archive-keyring_2022.1_all.deb # update sudo apt-get update
So if the download path is compromised, the downloaded package over HTTP (an insecure channel) can be anything. Normally (and specifically requiring a correct archive keyring in the first place) the apt-get command validates the package’s checksum against the signed release file. Here nothing such was done. It’s about Kali, so «insecure channel» is not something hypothetical.
The correct way is to have an other correctly installed system and use the results of the dry-run command apt-get —print-uris reinstall kali-archive-keyring (doesn’t require root) run on that other system: URL + checksum verified against the signed release file.
I did not alter /etc/apt/sources.list .
I solved the «An error occurred during the signature verification» with the following commands (run from root):
wget --no-check-certificate https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2020.2_all.deb dpkg -i kali-archive-keyring_2020.2_all.deb apt update
This answer is the one that worked for me. The important difference is that I needed to include —no-check-certificate in the wget command.
Manually download and install the needed package to verify the signature:
wget https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2020.2_all.deb sudo dpkg -i kali-archive-keyring_2020.2_all.deb
Then apt update and apt upgrade should work as expected.
Please elaborate a little on what your answer is doing so that everyone can learn a little from it 🙂
it worked for me, I just updated the naming from current version here http.kali.org/kali/pool/main/k/kali-archive-keyring
Adding a bit more to this as there is one extra step needed for me: Windows 11 WSL kali-linux
wget --no-check-certificate https://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2020.2_all.deb dpkg -i kali-archive-keyring_2020.2_all.deb apt update apt install libcrypt1 apt full-upgrade apt autoremove
Without installing libcrypt1 first, an upgrade will lock you out of Kali.
for me just installing libcrypt locked me out of kali lol.. and nothing fixes it except reinstalling wsl kali.
Weird — the version of Kali downloaded by WSL with wsl —install is completely broken and is missing a lot of things. If you want to run Kali on WSL, download it from the Windows Store instead.
What to do when your organization blocked Microsoft Store? Microsoft itself recommends to install the distribution then manually.
The store and the —install version are the same, you can verify by manually installing first and going to the Windows Store page, it will say Open , not Get .
Windows 11 (x64) #install wsl version 2 C:\> wsl --set-default-version 2 #install kali-linux distribution C:\> wsl --install --distribution kali-linux # get keyring # https will not work use http @:~$ wget -O kali-archive-keyring_2020.2_all.deb http://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2020.2_all.deb # use dpkg to install .deb user@hostname:~$ sudo dpkg -i kali-archive-keyring_2020.2_all.deb # apt update&upgrade user@hostname:~$ sudo apt update && sudo apt upgrade
As it’s currently written, your answer is unclear. Please edit to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers in the help center.
Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center.
Found this somewhere . Really helped me to update my OLD kali .For 2022
sudo dpkg -i kali-archive-keyring_2022.1_all.deb
Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center.
Here is the fix just run this
wget -q -O — https://archive.kali.org/archive-key.asc | sudo gpg —dearmor -o /usr/share/keyrings/kali-archive-keyring.gpg
To add the Key first we need to download it from the website of the package you are installing. For example, here we are downloading the key file to add repositories for on Kali-rolling.
- Install wget if you don’t already have it using:
——BEGIN PGP PUBLIC KEY BLOCK—— mQINBE9U1CgBEAChen9+cvBS8ioHoCU6wBbL9jaIk5P7ZkPpjDsovMvimqZaozS8 fEAZM23gJlFratc+rRllV9hPZmGqhtT50RLDzC3yFOvFnJqAPvpVDO2ipQCVnJDX 0eWDhT62RDwk+FhjksEDwP7Yc4CgohdGDYQu1zTBSLL5qen3rckCnHF2OnSiKnYM 8YCIKAYMt4VRArAvivjOMspN+1xy2S8GYXX2felsu3Ir1DXvUIE7b/9sdK6MzBcq joDH34OqX6isqAW0+K93lmVN+U4yFMzfEB74UMQNWKg39mCB0K/VfQ89ih4zvF9a zENbFzfF0O0h09oHF4ZTaUFeI8JImp/x9FC+LveUyJot9t/xv0HVUd08Y4PgO48C iXOTqqqm/DPF0AbHJGpTuonOsKy3/dYhk7Fvsfn02DMds+RKsukBEzypTIIIzMBF Uwiq/GaaNRWw6lnOyE4wMmpwRa11QVDDWkMpuOr1tPV7M+EMAhZY7cyHDmRTOFL3 H0CxYnInis+k1NQikqtLxNrzWdxsXU25BMbEsAQq7aRTs7wpOnUK+yY+qTG/V5nl J6II+/CtWJthIef22r8EYX1BQOXRggamy0nxViC3S6kjuU2Lb1qnDb/c7T9hB723 4T9yrRHJbygTvQD8BJBADgRy7+XInCp01V4nAJZSu20qopEg082SdWK9FwARAQAB tCZLYWxpIExpbnV4IFJlcG9zaXRvcnkgPGRldmVsQGthbGkub3JnPokCVQQTAQoA PwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AWIQRExlE6jk+z0wh191jtRE/w fY0L9gUCYe/xTgUJGD63pgAKCRDtRE/wfY0L9ofUD/9zichMeQ5+XxHnpHTSmUNR 9eCcis6NGIbW+hTfSxSttfCQBrxKGfYXwVcqGRIiSDp9FcfqH5UsgPOzgJzmLBLV i0HfMRDpcCWJzk8VfWde/5Hv0P0XSx/Y+VR7PMJVOzWkF7o0kM4bITx3M5BYY08s leoZMNZo9sSR0GdzbXoIXkuBwMG+nw0qjfsyI8Qcsi52Uk8YhdCkgaAb8vYyxMwO qKJ6SIIENT6ycyZw4ueFZXZY/RYPJFvWZEYB0cFOMbNwlrXFUZyr4fDdPruaPlZW zBIU8jwEE372frdRuXilJ2Q+Me9jhSxvnJegJsHDdgeLU6IDeAiaAaTzvufr3KmA YifZ1Q20xDzdN5RZ5x3vNV9cihVb3qizSUe0y6LfpPeIPoa+ENzT4WqhP6rfMMhF 2KcwhNFP+faB+qs79YqIWnChrJNiE5HQDDgP6DY1ETmjj6Bo+DC9RyasWT5pSJYA 8rOVJ+1bE4sxlqtvDVlAdR1LwIpHeskz4o/lAMPHSNTX2WBDJdYvhT28xTC3cYlA kcdpvBbjj7C4VqgMvsPLg13lfR/A28ADO6AxY323+OpPv6crsDbYOcIBpwBgHb96 AYyottiEfNnLBCysR/m34TdlYvFW0KDYsbMYLCJH/uzJK3l8TCdVBfkzDMMctSFV nFY/xHhDFweArXNHru2CJLkCDQRPVNQoARAAoMOCt6yDngNUawaFLqFzzkQ2UDt1 LyWMM5qRusYmVW7DbMqRgl816AhW3qGXlpET2QDK/C7np8kiwkx22cWkK2W7e877 bKGX1jH0k8jIZWxE15pBCBkTk+zb6elC263qiw36jxAlEnwd4eP0OAY6SxD9xi5H fJ7zXO+2hF4bVgofRGNmr5IA9SPL0yRJo+dNm3Sh+MhdNMpvJpOdk0PWqq1ZP9LC 1XCYNtjlImsemugLloKIrdpwAcHJ6XqhyI5IujftmUfN6hL33MAl34Auy/4ElUFU 9DjvWI7lu+R7P8jdDQB3C10/epbmRu7vqtRNUMf7q+MERZQCPqn75qO8P4zGGHdD hVRQjAlefx6ULvhRlLfCkjrSrpnHFGcYLzPXQuxuhSLvZyCnJrG1XmgLB5SAFPxI K1oBydqZOYPsPGKZSvMHpBPv9yR2tM6yBjBzBV3/wQCaHD9Yp3sZD9RxSWtAvk3e zRjQon81W4S0J6dUZL2mog7gWzDj9v42cIV890ezS077dpeL2fSZOUr3fMrM1ZPf JKue8SrvlVVV1wySA6VxBss71iWZNEHC5gD/geC863FaOxXKFZXWxD+MeM/hrUef mj67fQ4rjzTgKFRtivmSKzggA3FeOeUCg0gadG9sGH/gfxToA61T/xxEWEyuwJiO 2SVS/iBjQnfcjDMAEQEAAYkCPAQYAQoAJgIbDBYhBETGUTqOT7PTCHX3WO1ET/B9 jQv2BQJh7/JiBQkYPri6AAoJEO1ET/B9jQv2cjYQAJIsOLkH0jl09uVIY84TOYru 4+SMChH6AJklY/600EX8zTBIb0641dsSWk2XyXF+exrlhp/v5ctPb+TbYTDUsQA4 o2lTJ/rLpUIGJU04tIfA0VMCCyCJAOO1OVpEGU1QwRCQ+NnLDHKdNjvJgF9Y3dpY LL388O6BY0tBPF+/DTsoeJLkb6dohJmyk6ls5zi7ZvY2ab1AmwVXBEfYolisla69 OcGbNrabtpMdd/zdCVxyoHuXaYEuqdMLGbYTDoPI9I2gSBOxIHIJ7z/rHFCDaSSB iDDE/+mLZLcbj9pSuQn40ZWEPWELUz1YyjI4bSWYQ/gr5UQhOcNmH1KVULm/s6Sx 1MBUvWLXFxqb+T7PqWeUAIMTZTjfBiMqJjPzZ61zBBeQDKvciEy/UnunvX+e1cNQ 1aDzeqaQ3OqJaoFbjmzE218SelQvWCCWQ24ixgQZp8/xd3ae5oQNwqdC0Z6azyMu l5dzA+1VxXqlTVZ5gH1/74PZP1YeKPgmSx3LrP3gpOP7Rp99wTZ77b9layR9ZyEP IdcIJF0QNSIrKXHjdh5pTqvLhnw58WjGFOhfyA0/YGsV2wbByGuSOAoGEZMg+hs4 4P3CudqoHQeHZOcflpRwRqheyZc+n2AGxN+RFpvaRV9cs8CiuHyvGHTgq7eear53
ktZPxNR6/WtX7iCfqkg4
=3Lxm ——END PGP PUBLIC KEY BLOCK——
How to fix apt-get install / update not working on my Kali Linux [closed]
I’m using Kali Linux but the apt-get install command is not working to install any application on my system. Mustafa1112221 I think it’s got something to do with my Kali Linux repository sources.list file. The file may be empty or the current repo address is wrong or experiencing a problem. Please, could someone provide me a link to the Kali official sources.list file?
1 Answer 1
Open a terminal and follow these instructions:
- Type sudo -i
- Type in your password.
- Type touch /etc/apt/sources.list
- Type chmod 644 /etc/apt/sources.list
- Type echo «deb http://http.kali.org/kali kali-rolling main contrib non-free» > /etc/apt/sources.list
- Type apt-key adv —keyserver hkp://keys.gnupg.net —recv-keys 7D8D0BF6
- Type apt update
- Now install whatever it is that you want to install.
I upvoted this answer because Google led me to it when I searched for why ‘apt-get update’ didn’t do anything. It was the 2nd answer from the google-gods and quickly fixed the problem.
What i get on step 6 is gpg:keyserver failed: Network is unreachable . How should I solve that .. installed Kali and all I see is the bash shell mode.
I think I am not able to access it. No. I am not behind proxy. How to check if i am connected to internet through the command line? What I found is that I need wpa_supplicant but I can’t install it without the net connection I guess because when I try I get Network connection failed . I am really sorry for my confusing answers but I am total newbie. For now 🙂
@TomaTomov : apt-get update does require an internet connection because it downloads information regarding the latest packages and their versions from the repository. You won’t be able to take update unless you have an internet connection. To check if you are connected try pinging a website. for example, ping duckduckgo.com and see if it replies. This is a simple but not a sure shot to check your internet connectivity. Depending upon your environment and firewall configurations, you may or may not get a reply.