错误信息
root@28593cafb270:/# apt update
Get:1 http://mirrors.neusoft.edu.cn/kali kali-rolling InRelease [30.6 kB]
Err:1 http://mirrors.neusoft.edu.cn/kali kali-rolling InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ED444FF07D8D0BF6
Reading package lists... Done
W: http://http.kali.org/kali/dists/kali-rolling/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-automatic.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
...
W: GPG error: http://mirrors.neusoft.edu.cn/kali kali-rolling InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ED444FF07D8D0BF6
E: The repository 'http://http.kali.org/kali kali-rolling InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
尝试1
apt-key adv --keyserver hkp://keys.gnupg.net --recv-keys ED444FF07D8D0BF6
但是新docker没有安装gnupg会报E: gnupg, gnupg2 and gnupg1 do not seem to be installed, but one of them is required for this operation错误。
要想安装gnupg则需要更新apt, 进入死循环
尝试2
强行获取密钥然后安装
方法是下载最新的kali-archive-keyring,由于无法使用apt,所以手动下载。
最新的到http://http.kali.org/pool/main/k/kali-archive-keyring查看
wget http://http.kali.org/pool/main/k/kali-archive-keyring/kali-archive-keyring_2022.1_all.deb
apt install ./kali-archive-keyring_2022.1_all.deb
由于docker-kali没有wget,只能在主机下载好后挂载到docker-kali上安装。
但其实官方的keyring已经是最新的了,这个尝试是无效的。
最终无奈的选择
因为原因是不能验证,那么就忽略验证就可以了
- 参考的是这一篇讨论
创建/etc/apt/apt.conf.d/99allow_unauth文件并将gpg-pubkey设置为忽略
echo 'APT { Get { AllowUnauthenticated "1"; }; }; Acquire { AllowInsecureRepositories "1"; AllowDowngradeToInsecureRepositories "1"; };' > /etc/apt/apt.conf.d/99allow_unauth
此时就可以正常使用了,只不过会有Warning,这也是没办法的一个办法。
转载请注明来源,欢迎对文章中的引用来源进行考证,欢迎指出任何有错误或不够清晰的表达。可以在下面评论区评论,也可以邮件至 365433079@qq.com