Monday, October 7, 2013

Adding repositories to your sources.list

Tonight I added a repo to my sources.list but when I ran update I got an error message telling me my system could not trust the content since the GPG key was unknown. If you are regularly confronted with this you will probably know how to handle this but I have been install quite a lot of Linux for people that are totally new to Linux so I am going to use my blog for posting the solution.

When you run the apt-get update it will tell you which key the system isn't sure about. This value will be needed.

1. The first step is to get a copy of the key on your system. I found the following example online to illustrate this: gpg --keyserver pgpkeys.mit.edu --recv-key AED4B06F473041FA

This basically means get a copy of key AED4B06F473041FA from the key server at MIT. MIT is not the only key server in the world but it is a very popular one.

2. Now that the key is on your system you need to add it to apt's key ring:
gpg -a --export AED4B06F473041FA | sudo apt-key add -

Now that the key is known to apt you can run apt-get update again and will not get any errors for that key (may be others, but you got to repeat the procedure). Remember only to add sources that you trust.