Jump to content

Kali Repo question.


TN.Frank
 Share

Recommended Posts

In a similar vein to my Debian Repos in Kali question I've removed all the "Debian" Repos and went with a set of Kali Repos.

deb http://http.kali.org/kali kali main non-free contrib

deb http://security.kali.org/kali-security kali/updates main contrib non-free

deb-src http://http.kali.org/kali kali main non-free contrib

deb-src http://security.kali.org/kali-security kali/updates main contrib non-free

deb http://repo.kali.org/kali kali-bleeding-edge main

#deb-src http://repo.kali.org/kali kali-bleeding-edge main

deb http://ppa.launchpad.net/linrunner/tlp/ubuntu lucid main

But I'm getting an error at "sudo apt-get update"

W: GPG error: http://http.kali.org kali Release: The following signatures were invalid: BADSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>

And wonder what I can do to get the proper signatures so I won't get the invalid error. Thanks

Link to comment
Share on other sites

Quick Up Date. I removed the "Bleeding Edge" and TLP Repos and added what was left to another laptop that I have and did a sudo apt-get update and got zero errors so it was probably in the TLP Public Key. I'll try this on Jr(my nc4400 laptop) and see if it'll fix him or not.

Link to comment
Share on other sites

You have to add the keys for the servers when you modify the repo list like this. The easiest was is to use apt-add-repository to add them. It is part of the python-software-properties package.

Ahh, ok, I'll give that a try. It's almost like when you add a PPA in Ubuntu then before you can add a package. Let me see if that'll fix it. "sudo apt-add-repository" Thanks

Ok, I need an argument to add them, go figure, LOL

The odd thing is that I am using the same Repo list in my #1 and in Jr. and #1 doesn't give me any errors at all but Jr. still does. Wonder if I should try the Repo list in my #2 to see what happens. Think I'll give that a shot.

Edited by TN.Frank
Link to comment
Share on other sites

I think it may be a Kali Repo problem. I just did a clean install and I'm getting the same errors so it's not from the soruces.list since it's bone stock right now. Wonder if one of their Repos is down? I can't install 99% of the packages that I normally use like gnome-tweak-tool, clementine, synaptic, ect. Guess I need to wait and see if the Repos get back up or what?

Link to comment
Share on other sites

Ok, so I think it's obvious that Kali is having some issues with it's Repos so I added the Debian ones to my sources.list as well for back up so my sources.lists look like this:

Kali:

deb http://http.kali.org/kali kali main non-free contrib

deb http://security.kali.org/kali-security kali/updates main contrib non-free

deb-src http://http.kali.org/kali kali main non-free contrib

deb-src http://security.kali.org/kali-security kali/updates main contrib non-free

Debian:

deb http://ftp.us.debian.org/debian stable main contrib non-free

deb-src http://ftp.us.debian.org/debian stable main contrib non-free

deb http://ftp.debian.org/debian/ wheezy-updates main contrib non-free

deb-src http://ftp.debian.org/debian/ wheezy-updates main contrib non-free

deb http://security.debian.org/ wheezy/updates main contrib non-free

deb-src http://security.debian.org/ wheezy/updates main contrib non-free

Link to comment
Share on other sites

W: Failed to fetch gzip:/var/lib/apt/lists/partial/http.kali.org_kali_dists_kali_non-free_source_Sources Hash Sum mismatch

W: Failed to fetch gzip:/var/lib/apt/lists/partial/http.kali.org_kali_dists_kali_main_binary-i386_Packages Hash Sum mismatch

E: Some index files failed to download. They have been ignored, or old ones used instead.

Link to comment
Share on other sites

This is in my sources.list:

deb http://http.kali.org/kali kali main non-free contrib
deb-src http://http.kali.org/kali kali main non-free contrib
deb http://security.kali.org/kali-security kali/updates main contrib non-free

Everything is working for me without errors. I am not pulling the security src pkgs, but everything else is the same.

Link to comment
Share on other sites

I still want to know what in heck this means??

W: GPG error: http://http.kali.org kali Release: The following signatures were invalid: BADSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>

Is something on Kali's end "broken" or do I need to try and get a new Public Key for something or what?

Link to comment
Share on other sites

Well, pulled out the Kali Repos

deb http://http.kali.org/kali kali main non-free contrib

deb http://security.kali.org/kali-security kali/updates main contrib non-free

deb-src http://http.kali.org/kali kali main non-free contrib

deb-src http://security.kali.org/kali-security kali/updates main contrib non-free

And just left the Debian ones

deb http://ftp.us.debian.org/debian stable main contrib non-free

deb-src http://ftp.us.debian.org/debian stable main contrib non-free

deb http://ftp.debian.org/debian/ wheezy-updates main contrib non-free

deb-src http://ftp.debian.org/debian/ wheezy-updates main contrib non-free

deb http://security.debian.org/ wheezy/updates main contrib non-free

deb-src http://security.debian.org/ wheezy/updates main contrib non-free

and the "problem" went away. I know this error has something to do with the Kali Repos, they're either down or something screwy is going on with them.

Link to comment
Share on other sites

GPG errors likely mean you need to download the keys for the repo before you can pull from them. The apt-add-repository command does this automatically. Otherwise, google for the process for adding new repos including downloading the gpg keys from the keyserver.

Link to comment
Share on other sites

GPG errors likely mean you need to download the keys for the repo before you can pull from them. The apt-add-repository command does this automatically. Otherwise, google for the process for adding new repos including downloading the gpg keys from the keyserver.

When I did a "sudo add-apt-repository" command I got a no argument error. Also, why would a brand spankin' new install with bone stock Repos give errors if there wasn't something wrong with the Repos? I think the Kali Repos are messed up or off line. Not having any trouble with the Debian Repos.

Link to comment
Share on other sites

Went back to all Kali Repos and did a "sudo apt-get clean" to clean up everything and I still get this error:

W: GPG error: http://http.kali.org kali Release: The following signatures were invalid: BADSIG ED444FF07D8D0BF6 Kali Linux Repository <devel@kali.org>

I would like to know why I'm getting this error, is anyone else getting it? How can I or what do I do to fix it?

Link to comment
Share on other sites

Again, clean install, apt-get update and errors. Even more after doing an apt-get dist-upgrade then another apt-get update. Kali Repos are broken, they need to look into issuing new GPG keys for their Repos and getting the Repos up and running like they're suppose to be. This is very frustrating to say the least.

Link to comment
Share on other sites

In an effort to have working Repos so I can download packages I've added Debian Testing to the standard Kali Repos. That way I can get what I can from the Kali Repos that work and get the rest from a Debian Repo.

## Regular repositories
deb http://http.kali.org/kali kali main non-free contrib
deb http://security.kali.org/kali-security kali/updates main contrib non-free
## Source repositories
deb-src http://http.kali.org/kali kali main non-free contrib
deb-src http://security.kali.org/kali-security kali/updates main contrib non-free

##Debian
deb http://ftp.us.debian.org/debian testing main contrib non-free
deb-src http://ftp.us.debian.org/debian testing main contrib non-free

deb http://ftp.debian.org/debian/ jessie-updates main contrib non-free
deb-src http://ftp.debian.org/debian/ jessie-updates main contrib non-free

deb http://security.debian.org/ jessie/updates main contrib non-free
deb-src http://security.debian.org/ jessie/updates main contrib non-free

Just be aware that if you add Debian Testing to your sources.list it'll take a couple hours or more to upgrade all the packages depending on your computer and interweb connection.

Edited by TN.Frank
Link to comment
Share on other sites

I really don't know what more to say on this from my experience. My KALI updates are working fine right now, but I have not gone through the steps of removing them to re-add them or anything like that. My installs have been around for a while, so perhaps a rebuild would show the same thing. Have you checked on the KALI forums to see if others are having issues?

Link to comment
Share on other sites

Yep, posted on the Kali Google Plus page last night and I've look up this "problem" on the interweb and others are having Public Key errors too. It's like they're Repos are either down or they've issued a new Public Key but not bothered to clue us in on it. Almost got the Debian Testing Repos all installed so I'll be a bit more "cutting edge" with my Kali install.

Link to comment
Share on other sites

I know they are shifting people to mirrors now, I just noticed that due to proxy auth errors in one of my systems. Perhaps some of the mirrors are not complete yet.

This could be because on the last couple installs I've had to change mirrors to get my install from the interweb. May just give it a week then try a fresh install to see if things are cleared up OR if I could figure out how to install Gqrx in say a Debian 7 Distro then I'd not have to worry about Kali since I'm only using it for it's SDR support.
Link to comment
Share on other sites

Ok, did ANOTHER clean install and this time when it got near the end and went out on the interweb to pull packages I didn't have to change download mirrors so it was a good install. apt-get update brought no errors. Installed a package(gnome tweak tool) and it went in right with no problems and even after a dist-upgrade things still work. I guess whatever Repo problems Kali was having have been fixed or I just got lucky. Either way it's in and running on my #1. Now I need to do a clean install on my #2 and on Jr. just so all laptops will be on the same page. This should be fun.

Link to comment
Share on other sites

I'm actually starting to think this is/was a Debian problem because yesterday when I did an update on my grandkids Point Linux install(Debian 7 based) I got the same GPG error what I was getting with Kali. I wonder if Debian is updating all of their Repos and this is what's throwing the error until they get the Repos fixed?

Link to comment
Share on other sites

You sure it's not something you have installed that's causing it? I run kali as my work laptop, and have another kali install on my main home laptop, I also have a debian wheezy desktop and laptop at home. None of them throw, or have ever thrown repo errors during an update.

Link to comment
Share on other sites

You sure it's not something you have installed that's causing it? I run kali as my work laptop, and have another kali install on my main home laptop, I also have a debian wheezy desktop and laptop at home. None of them throw, or have ever thrown repo errors during an update.

I was getting the GPG error on a fresh, clean install so NO, it wasn't anything that I installed. It's gone away on my Kali installs but it did show up on the Point Linux install on my grandkids computer. I wonder if it's part of the longstanding GnuTLS certificate validation botch that's been going around? Seems like that would explain it perfectly.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...