Re: [tor-relays] EXPKEYSIG when running 'apt update'

On Monday, June 13, 2022 7:11:32 PM CEST Imre Jonk wrote:

Hi tor-relays,

I'm getting this error when running 'apt update':

mee too ;-)

Err:4 https://deb.torproject.org/torproject.org bullseye InRelease The following signatures were invalid: EXPKEYSIG 74A941BA219EC810 deb.torproject.org archive signing key

The signing key in /etc/apt/trusted.gpg.d/deb.torproject.org-keyring.gpg does not appear to be expired, so I guess some repository metadata signature has expired. Does anyone else encounter this issue?

Had the same thing today and saw that some machines had a newer archive key in: /usr/share/keyrings/tor-archive-keyring.gpg

You can get the new one with this one line:

wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E88... | gpg --dearmor | tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null