Kali Linux Update Fails – Key Outdated

If like me you have Kali Linux installations you may have come across a slight problem recently whereby the public key had expired resulting in an error when attempting to update. You likely received something similar to the example below when attempting an apt update –

root@kali:/# apt update
Hit:1 https://apt.dockerproject.org/repo debian-stretch InRelease
Get:2 http://ftp.hands.com/kali kali-rolling InRelease [30.5 kB]
Err:2 http://ftp.hands.com/kali kali-rolling InRelease

The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <[email protected]>

Fetched 30.5 kB in 1s (43.2 kB/s)
Reading package lists... Done
Building dependency tree 
Reading state information... Done
All packages are up to date.

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://ftp.hands.com/kali kali-rolling InRelease: The following signatures were invalid:EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <[email protected]>
W: Failed to fetch http://http.kali.org/kali/dists/kali-rolling/InRelease The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6 Kali Linux Repository <[email protected]>
W: Some index files failed to download. They have been ignored, or old ones used instead.

root@kali:/#

I must admit I don’t update Kali as often as I should but then again I have a large number of systems/applications/problems to take care of so it’s hardly the top of my priority list. Thankfully the solution to this problem is as simple as importing the new public key and running our update again.

First we will add the new key using the command wget -q -O – https://archive.kali.org/archive-key.asc | apt-key add

root@kali:/# wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add
OK
root@kali:/#

It’s important to note that the space between the hyphen and the URL is intentional so please keep that in mind when entering the command.

Now that’s done we can run our update again to see if there are any available packages –

root@kali:/# apt update
Hit:1 https://apt.dockerproject.org/repo debian-stretch InRelease
Get:2 http://ftp.hands.com/kali kali-rolling InRelease [30.5 kB]
Get:3 http://ftp.hands.com/kali kali-rolling/main amd64 Packages [15.8 MB]
Get:4 http://ftp.hands.com/kali kali-rolling/contrib amd64 Packages [115 kB]
Get:5 http://ftp.hands.com/kali kali-rolling/non-free amd64 Packages [163 kB]

Fetched 16.0 MB in 5s (3,277 kB/s)

Reading package lists... Done
Building dependency tree 
Reading state information... Done
463 packages can be upgraded. Run 'apt list --upgradable' to see them.

root@kali:/#

That’s more like it, 463 packages for me to update! If you are curious what that .ASC file actually contains it’s simply the PGP public key as shown below.

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBE9U1CgBEAChen9+cvBS8ioHoCU6wBbL9jaIk5P7ZkPpjDsovMvimqZaozS8
fEAZM23gJlFratc+rRllV9hPZmGqhtT50RLDzC3yFOvFnJqAPvpVDO2ipQCVnJDX
0eWDhT62RDwk+FhjksEDwP7Yc4CgohdGDYQu1zTBSLL5qen3rckCnHF2OnSiKnYM
8YCIKAYMt4VRArAvivjOMspN+1xy2S8GYXX2felsu3Ir1DXvUIE7b/9sdK6MzBcq
joDH34OqX6isqAW0+K93lmVN+U4yFMzfEB74UMQNWKg39mCB0K/VfQ89ih4zvF9a
zENbFzfF0O0h09oHF4ZTaUFeI8JImp/x9FC+LveUyJot9t/xv0HVUd08Y4PgO48C
iXOTqqqm/DPF0AbHJGpTuonOsKy3/dYhk7Fvsfn02DMds+RKsukBEzypTIIIzMBF
Uwiq/GaaNRWw6lnOyE4wMmpwRa11QVDDWkMpuOr1tPV7M+EMAhZY7cyHDmRTOFL3
H0CxYnInis+k1NQikqtLxNrzWdxsXU25BMbEsAQq7aRTs7wpOnUK+yY+qTG/V5nl
J6II+/CtWJthIef22r8EYX1BQOXRggamy0nxViC3S6kjuU2Lb1qnDb/c7T9hB723
4T9yrRHJbygTvQD8BJBADgRy7+XInCp01V4nAJZSu20qopEg082SdWK9FwARAQAB
tCZLYWxpIExpbnV4IFJlcG9zaXRvcnkgPGRldmVsQGthbGkub3JnPokCVQQTAQIA
PwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AWIQRExlE6jk+z0wh191jtRE/w
fY0L9gUCWmm4hgUJEMWt3gAKCRDtRE/wfY0L9qnvD/0dKuVKCGUQscp3LrZ50Brc
Ramb0EF2WjuqVoSrrPaelwhda4KTmb9dZ7SLB9Rr7XOS/iKf1R260/0vJVOe6REV
HXxvIhdbfiL8Gl0s0KpC4UZGTMVn1tjfEulG4jbTVS0wMBKkZZX3VMIe6GqnCbHW
ffsj93VhuS9Po9yCKphnUAtNk4WNjxlQx8tlr+2TV6Bryq/ScaLV2Ejv+Ia9vPsA
lGRSMgGMnFVm8GED+U1aIi8wMQUq4jO7sfsTCffMyF4eJ/bCPmqcitr3bA6mpFy+
iIqA1aUMYvi9FXGsQ+zT9fXQ36+T2slUYSlzobtEFVWSvnHkg9MW+2T49OkiheBO
c8YURGGYdFDlAFjVON/3K+lYqfmPleryIkVMLpMusRT1tVh5CncqHBbUb1MBPcAc
WJWOTTXxEy3LLlvNdRJ+C9QYrvK8UWJt8l7K1/fD3z6zklkMwUi02C1pkRRr02o6
U5T7QP5cP89/zhBkYr/TdiD8PAeEfVa12O+ImWQQnYYV6oB1X9YlQekSHr47pypj
5g5He6tfc+VBE7GFScNN0eKaU9K6M8lovf6hhgs1StGZcfPuYXVmglRLX9OiSAW7
x29SKFpYyDL217hRfdrOMnG6XuH47qfh1tslPs2kItacfgG2HnkKd9jfctNJv4bs
9UM10KFlN/eisOVtDCRl+rkCDQRPVNQoARAAoMOCt6yDngNUawaFLqFzzkQ2UDt1
LyWMM5qRusYmVW7DbMqRgl816AhW3qGXlpET2QDK/C7np8kiwkx22cWkK2W7e877
bKGX1jH0k8jIZWxE15pBCBkTk+zb6elC263qiw36jxAlEnwd4eP0OAY6SxD9xi5H
fJ7zXO+2hF4bVgofRGNmr5IA9SPL0yRJo+dNm3Sh+MhdNMpvJpOdk0PWqq1ZP9LC
1XCYNtjlImsemugLloKIrdpwAcHJ6XqhyI5IujftmUfN6hL33MAl34Auy/4ElUFU
9DjvWI7lu+R7P8jdDQB3C10/epbmRu7vqtRNUMf7q+MERZQCPqn75qO8P4zGGHdD
hVRQjAlefx6ULvhRlLfCkjrSrpnHFGcYLzPXQuxuhSLvZyCnJrG1XmgLB5SAFPxI
K1oBydqZOYPsPGKZSvMHpBPv9yR2tM6yBjBzBV3/wQCaHD9Yp3sZD9RxSWtAvk3e
zRjQon81W4S0J6dUZL2mog7gWzDj9v42cIV890ezS077dpeL2fSZOUr3fMrM1ZPf
JKue8SrvlVVV1wySA6VxBss71iWZNEHC5gD/geC863FaOxXKFZXWxD+MeM/hrUef
mj67fQ4rjzTgKFRtivmSKzggA3FeOeUCg0gadG9sGH/gfxToA61T/xxEWEyuwJiO
2SVS/iBjQnfcjDMAEQEAAYkCPAQYAQIAJgIbDBYhBETGUTqOT7PTCHX3WO1ET/B9
jQv2BQJaabixBQkQxa4JAAoJEO1ET/B9jQv2dX8QAJ4rmlNR5LVay+AIti8ByEq+
ERkePaEAwsX0aiiGuXu8JAfrIVtQq3Kku0AfB9W3aPj+gRML2No5tBNvcBDZ0q2d
iJFSBliAvKYpayUUIFnJiAon7/62jn//lvv0ogdEJGE6b7FEb52+v/pyRYGbHOyT
MU6J6JfWklczhTRZbiTYbKCOGhKjsSvoschabDSgptAfOFos7bMp8RrnCOKyy/15
poGmHU7c1YQp5N2rOk5zmwpNNv7P/EaHHnJcbKaf3gO/ihPY6eH/8vpBIWArCqRq
NUENvV6UA8Ixc8nCUjZRz+Y8ElodwVsALOnZbgN+cT3lxw9ILx4nEwQxJ71gSc8J
eyNKxt9Sb26C06TAWDyKZ8OX7RD7Q98gMmKIow/KWzNmedKewvq5JCeCGtKw8HdV
40KW2qM9fw4Yjc7DLNauVEPbbHhoCKtFIkho7SdXBATYOh1g+8vAZg/ZUxCpk89p
/RlmsQfbipiBB9eDtD9tKqFm+m0jKzHpaKcZeeYKu7Emo4yu99RoDzM0KPp7Wdmk
ua7xtbCYECSTobySf2hd7xpkEscbBhuD4EHP5dQV2EIl8ozmCScCT3FDhs1WvJzA
sUoHVhwJwvPO7Nsc3v4KHfQkxiaecnHSxjiJdgiywKHulJbxDd6Q85eB+SQsxdC7
6Xm+Cr6DLuByS2P54K11
=L5yB
-----END PGP PUBLIC KEY BLOCK-----

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.