NO_PUBKEY error

Christian.Rauch

@Gwen-Dragon Yes, the same issue appears with Google Chrome. Nevertheless, the key import would be more robust if the gpg would be provided in the deb package.

Vistaus

I have the same issue with apt on Deepin 20, based on Debian 10. So I think there's a bug in apt somewhere.

CtrlAltDel

@Gwen-Dragon said in NO_PUBKEY error:

It tried on Debian 10, Ubuntu 20, Mint 20, Debian Testing and did not get trouble with keys for apt. Really a weird issue with the apt on your one Linux PC.

I too have this very same issue while using Linux Mint 20.1. I've tried all of the solutions suggested on this page and it did not change the situation. About a month ago, I unsuccessfully tried other suggestions from another site.

Therefore, after many years of being a happy Vivaldi user, I have uninstalled it, much to my regret. I have several other .deb installed programs and only have this problem with Vivaldi.

While I understand no tears will be shed for losing a single user, it is nevertheless a great disappointment to me. Many people don't have time to figure out why a program doesn't work and I suppose I am now one of those. I tried to run down a few things listed on this page and it didn't help so, really, I'm just tired of trying to fix it myself.

I've tried the instructions listed here:

Fix

No matter what I do,it always ends up like this:

Goodbye, Vivaldi. I'll check back in from time to time and see if I am able to use you again.

Dancer18

@CtrlAltDel
Such individual issues happen with any apps or operating systems. There are unknown interferences causing nonfunctions.

Look at firefox forums, linux forums, windows forums. There always are some trouble issues few people experience.

To really find what is causing the failure isn't successful sometimes.

But don't blame Vivaldi for it. I'm running Vivaldi on 2 machines with Linux Mint 20.1 and on Windows 10 without any issues, except some cases with the calendar.

Vistaus

@Gwen-Dragon said in NO_PUBKEY error:

wget -qO- https://repo.vivaldi.com/archive/linux_signing_key.pub | sudo apt-key add -

It might work fine still on Ubuntu LTS and Debian Stable, but it doesn't work anymore on newer Debian versions like Debian Unstable, however, because apt-key is deprecated and fails to work:

wget -qO- https://repo.vivaldi.com/archive/linux_signing_key.pub | sudo apt-key add -
Warning: 'apt-key' is deprecated and should not be used anymore!
Note: In your distribution this command is a no-op and can therefore be removed safely.
Manage keyring files in trusted.gpg.d instead (see apt-key(8)).

Vistaus

In fact, apt-key is so deprecated that it will be removed after Debian 11 and Ubuntu 22.04: https://www.linuxuprising.com/2021/01/apt-key-is-deprecated-how-to-add.html
"What's more, "apt-key will last be available in Debian 11 and Ubuntu 22.04.""

becm

This should only become a major issue if @ruarí procrastinates until Ubuntu 22.09 :face_with_stuck-out_tongue_winking_eye:.
And for users of distros with an early/botched apt transition.

Apart from manual operations, this will also affect the cron script (still) shipped with Vivaldi.

As a "single package" type application, Vivaldi could (with different locations/names for stable/snapshot):

• ship the keyfile with the package (and drop the cron script)
• create/remove the sources.list.d file via postinstall/-remove scripts
• use [signed-by=.../vivaldi-browser.gpg] in the generated sources.list.d file

as shown in @Gwen-Dragon's linked wiki entry.

The advantages/disadvantes in regard to update stability in my opinion are equivalent to the current approach.

becm

As intermediate solution the working alternative command for users is:

curl https://repo.vivaldi.com/stable/linux_signing_key.pub | gpg --dearmor > /etc/apt/trusted.gpg.d/vivaldi-browser.gpg

to place the key into a separate supported keystore (as also shown in the Debian Wiki entry linked by @Gwen-Dragon.

The ASCII import in the cron script can also be replaced by a simple copy of a prepared (binary) key file (as opposed to use [signed-by=…], for whatever reasons).

becm

@Gwen-Dragon the one-liner (one has to C&P anyway) containing the source URL is quite similar.

Not modifying a keyring reduces dependencies to very basic GnuPG components.

If @ruarí pushes keyfiles according to current best practices the dependency on GnuPG can also be removed for this workflow (no dearmor step required).

CtrlAltDel

@becm said in NO_PUBKEY error:

@Gwen-Dragon the one-liner (one has to C&P anyway) containing the source URL is quite similar.

Not modifying a keyring reduces dependencies to very basic GnuPG components.

If @ruarí pushes keyfiles according to current best practices the dependency on GnuPG can also be removed for this workflow (no dearmor step required).

This is all very interesting and, frankly, complicated for those that aren't deeply involved with the inner workings of Vivaldi.

Let's just say that I wish to install Vivaldi and have it work without displaying errors, and jamming up the Software Sources repositories manager GUI in Mint 20.1.

Should I just wait until some undetermined time in the future until maybe everything will work normally again? Should I go ahead and try another route to temporarily fix the issue?

If you were me and just wanted to use Vivaldi, what would you do? Can you provide precise instructions on what to do, if it isn't too much of a hassle?

1. Install by .deb file?
2. Run the curl command that you provided in previous post?
3. What exactly should I do and in what order should it be done in to get Vivaldi back and operating smoothly?
4. Can it be done?

I've tried all the suggestions this thread and the other thread on the board discussing it and nothing seems to work. What do I need to do?

becm

@CtrlAltDel if Mint actually deprecated/broke apt-key add prematurely, then for now the only workflow I see that could work is:

• install via .deb file (adds repo, uses apt-key add to add key)
• manually add the Vivaldi repo key as a separate entity in /etc/apt/trusted.gpg.d/ (curl … | gpg --dearmor > …)

The 2nd step will have to be repeated on Vivaldi maintainer key rotation (yearly).
Normally this is handled by a cron script (instead of on install time, but that's another story…), which now also fails due to using apt-key add.

CtrlAltDel

@becm said in NO_PUBKEY error:

@CtrlAltDel if Mint actually deprecated/broke apt-key add prematurely, then for now the only workflow I see that could work is:

• install via .deb file (adds repo, uses apt-key add to add key)
• manually add the Vivaldi repo key as a separate entity in /etc/apt/trusted.gpg.d/ (curl … | gpg --dearmor > …)

The 2nd step will have to be repeated on Vivaldi maintainer key rotation (yearly).
Normally this is handled by a cron script (instead of on install time, but that's another story…), which now also fails due to using apt-key add.

Thanks for the suggestion, becm. Unfortunatley, not much has seemed to have changed. After installation with the .deb file and manually adding the key using the curl command, it still takes about 3 minutes for Software Sources/Add Missing Keys to open in Mint and errors are displayed about needing to manually add the repo .

Maybe I'll just install Vivaldi and remove the keys and repo's and not worrying about updating it. I guess that would work.

becm

@CtrlAltDel not really apparent in what (internal) state of "add a repo" the software you are using is stuck in.

If the key is properly available (please post output of apt-key list) it might be some kind of caching issue.
Or it insists on querying a keyserver and fails due to the currently required Vivaldi repo key not being available.

@Ruarí the current key for [email protected] seems to not be published
(missing when asking Ubuntu's default server hkp://keyserver.ubuntu.com:80).

becm

@Gwen-Dragon it's not needed for the suggested way to add a repo.
But they are available (and apt-key adv … worked) up to 4A3AA3D6 (which is now expired but still pushed to the keyring by the cron script shipped in Vivaldi).

RobsukeDaisuke

@christian-rauch That did not work for me! This however did:

wget -qO- https://repo.vivaldi.com/archive/linux_signing_key.pub | gpg --dearmor | sudo dd of=/usr/share/keyrings/vivaldi-browser.gpg

It was from a page on how to install Vivaldi - I didn't follow adding the repository, as it already was, I just ran

sudo apt update

and saw that everything was fine now... well, at least there was no more errors with the key. I'll have to see if the upgrade will work now

The site I got this from was: Manual setup of the Vivaldi Linux repositories | Vivaldi Browser Help

I've just fixed similar issue with Chrome repositories - first the key, then the fact that the repo was defined in two different files (/etc/sources.list.d/google-chrome.list and /etc/sources.list.d/additional-repositories.list - the latter one only had the google-chrome repo and I have no idea when and why it got there). These 3rd party proprietary FOSS leeches don't know how to upkeep their repos

ingo-steinke

@becm said in NO_PUBKEY error:

curl https://repo.vivaldi.com/stable/linux_signing_key.pub | gpg --dearmor > /etc/apt/trusted.gpg.d/vivaldi-browser.gpg

This gives a permission denied error even when executed as root, so it is probably not my local permission but the one on your server? Checked various forum topics and askubuntu, still not sure how to make it work.

Conclusion? Give Firefox another chance as default browser, probably.

ingo-steinke

@RobsukeDaisuke thanks, now it seems to work following the (re-)installation steps described, in my case for apt on Ubuntu.

https://help.vivaldi.com/desktop/install-update/manual-setup-vivaldi-linux-repositories/

joachimrs

Get:13 https://repo.vivaldi.com/archive/deb stable Release.gpg [833 B]
Err:13 https://repo.vivaldi.com/archive/deb stable Release.gpg
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 62993C724218647E

The key is not available on public gpg keyservers like keyserver.ubuntu.com for example. How to resolve this issue? Last week everything worked fine.

becm

@joachimrs a new Vivaldi package signing key (KEY08) is active and you have a conflicting source setup for the repository.
Should be a purely aesthetic problem, but you can run

grep -nr repo.vivaldi.com /etc/apt/sources.list.d/*

and remove any file that comes up with a signed-by entry (there should be vivaldi somewhere in the name).
You can post the output of that command here for a 2nd opinion if that file can be removed safely and without need for further steps.

The original approach for manual repo setup is discouraged now, it generates this exact issue (for most users) on a yearly basis.
The Vivaldi package will manage its own key rotation and source list entry.

joachimrs

@becm Thanks a lot. I already apt purge vivaldi-stable and will do a reinstall of the deb later. I also removed all remaining traces of anything vivaldi in /etc/apt/trusted.gpg.d/ as well as in /etc/apt/sources.list.d/ and /usr/share/keyrings/

Will check what will be installed with the .deb and see if it resolves the issue. It should, as you mentioned, be gone for good as it is taken care of in the package now.

Before that I tried lots of hints in the thread, like downloading the key from repo.vivaldi and --dearmor put it in trusted.gpg.d etc. to no avail. That's why I was curious if there is a way to remedy that without reinstall, but went for a reinstall anyway, as it seemed the fastest solution, sorry, me dumb user ¯\_(ツ)_/¯