NO_PUBKEY 5478FEE00E35DFD3

[andoresuperesu]

Got this error while trying to update.

The install procedure after deleting the ppa and keys don't fix it.

[ChristopherHX]

hmm, did I let my gpg key expire...

GPG error: https://minecraft-linux.github.io/pkg/deb jammy InRelease: The following signatures were invalid: EXPKEYSIG 5478FEE00E35DFD3 Christopher Homberger <[email protected]>

I need a new key, then everyone need to update the key.
...I will look into this tomorrow, thanks for opening an issue

[ChristopherHX]

MEMO for me

# To get the fingerprint
gpg --list-secret-keys --keyid-format LONG
gpg --quick-set-expire <fingerprint> 8y
gpg --armor --export-secret-keys <fingerprint>

You need to repeat this step, since the public key has been updated, now longer valid than 2 years

curl -sS https://minecraft-linux.github.io/pkg/deb/pubkey.gpg | sudo tee /etc/apt/trusted.gpg.d/minecraft-linux-pkg.asc

[andoresuperesu]

Thanks. Thus is routine for many apps. Most recent, spotify. Thankyou for this app! My daughter is loving it. El dom., 16 de febrero de 2025 5:48 a. m., ChristopherHX < ***@***.***> escribió:

…

MEMO # To get the fingerprint gpg --list-secret-keys --keyid-format LONG gpg --quick-set-expire <fingerprint> 8y gpg --armor --export-secret-keys <fingerprint> You need to repeat this step, since the public key has been updated, now longer valid than 2 years curl -sS https://minecraft-linux.github.io/pkg/deb/pubkey.gpg | sudo tee -a /etc/apt/trusted.gpg.d/minecraft-linux-pkg.asc — Reply to this email directly, view it on GitHub <#13 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ACXPIG5CQLETME357BFV7KL2QBUIZAVCNFSM6AAAAABXG6O426VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDMNRRGM3TGMBYGU> . You are receiving this because you authored the thread.Message ID: ***@***.***> [image: ChristopherHX]*ChristopherHX* left a comment (minecraft-linux/pkg#13) <#13 (comment)> MEMO # To get the fingerprint gpg --list-secret-keys --keyid-format LONG gpg --quick-set-expire <fingerprint> 8y gpg --armor --export-secret-keys <fingerprint> You need to repeat this step, since the public key has been updated, now longer valid than 2 years curl -sS https://minecraft-linux.github.io/pkg/deb/pubkey.gpg | sudo tee -a /etc/apt/trusted.gpg.d/minecraft-linux-pkg.asc — Reply to this email directly, view it on GitHub <#13 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ACXPIG5CQLETME357BFV7KL2QBUIZAVCNFSM6AAAAABXG6O426VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDMNRRGM3TGMBYGU> . You are receiving this because you authored the thread.Message ID: ***@***.***>

[dilnix]

MEMO for me
You need to repeat this step, since the public key has been updated, now longer valid than 2 years

curl -sS https://minecraft-linux.github.io/pkg/deb/pubkey.gpg | sudo tee -a /etc/apt/trusted.gpg.d/minecraft-linux-pkg.asc

Thanks for the key update. Are there instructions for Fedora for the similar step?

[dilnix]

For now, just used a workaround like:
sudo dnf update <package> --downloadonly --destdir .
sudo rpm -U --nosignature ./<package>

But definitely, there should be a proper way to update the local pubkey.

[ChristopherHX]

The .repo files I shown in the readme point to that url for rpm, so could be caching

Maybe https://forums.fedoraforum.org/showthread.php?327792-How-can-I-force-dnf-to-download-new-GPG-keys&p=1855568#post1855568

sudo dnf clean all

I don't think to have a fedora system that has fetched the old key at the moment

[dilnix]

The .repo files I shown in the readme point to that url for rpm, so could be caching

Maybe https://forums.fedoraforum.org/showthread.php?327792-How-can-I-force-dnf-to-download-new-GPG-keys&p=1855568#post1855568

sudo dnf clean all

I don't think to have a fedora system that has fetched the old key at the moment

Unfortunately, it was not working, tried it the first thing. But ok, for Fedora (on daughter's laptop) it's done using the workaround.
What about Ubuntu? The key resetting using:
curl -sS https://minecraft-linux.github.io/pkg/deb/pubkey.gpg | sudo tee -a /etc/apt/trusted.gpg.d/minecraft-linux-pkg.asc
...didn't help me, I'm still unable to update from 1.1.3 to 1.2.1, getting the error:
An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://minecraft-linux.github.io/pkg/deb jammy InRelease: Наступні підписи були невірними: EXPKEYSIG 5478FEE00E35DFD3 Christopher Homberger <[email protected]>

[ChristopherHX]

didn't help me, I'm still unable to update from 1.1.3 to 1.2.1

You may have an old copy of my public key under a different file name in /etc/apt/trusted.gpg.d

At least that was it for me. If you remove all keys of my ppa from that folder, the error should just print key not found instead of expired

[dilnix]

Thanks, it worked to delete first the same file /etc/apt/trusted.gpg.d/minecraft-linux-pkg.asc, and then to reset it using the offered command. 👍
It is unclear to me why it was not working without deleting the local file first, but OK, at least it's figured out now.

[ChristopherHX]

@dilnix Could you please try this command on fedora?

rpmkeys --delete "$(rpmkeys --list | grep [email protected] | awk -F ':' '{print $1}')"

This seems to delete the previously imported key (I have published) of my repository and asks again on install like first time.

[robinelvin]

On Fedora 41 I have done it like this:

sudo rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n'

Your output should be something like the following:

gpg-pubkey-a15b79cc-63d04c2c	Fedora (40) <[email protected]> public key
gpg-pubkey-e99d6ad1-64d2612c	Fedora (41) <[email protected]> public key
gpg-pubkey-0e35dfd3-63eea313	Christopher Homberger <[email protected]> public key
gpg-pubkey-20038257-63ab09c9	Brave Linux Release (Brave Linux Release) <[email protected]> public key
gpg-pubkey-f661cdcb-63ab09ad	Brave Linux Pre Release (Brave Linux Pre Release) <[email protected]> public key
gpg-pubkey-94843c65-5dadbc64	RPM Fusion nonfree repository for Fedora (2020) <[email protected]> public key

Look for the old key and remove with:

sudo rpm -e gpg-pubkey-0e35dfd3-63eea313

Then you can retry sudo dnf update and it will prompt to add the updated key:

Importing OpenPGP key 0x0E35DFD3:
 UserID     : "Christopher Homberger <[email protected]>"
 Fingerprint: DB0D769C9BBC6478B29A1A715478FEE00E35DFD3
 From       : https://minecraft-linux.github.io/pkg/deb/pubkey.gpg
Is this ok [y/N]: y
The key was successfully imported.

[dilnix]

Thanks both, it worked.
Great to see such a support from the community. =]