Ubuntu repository: public key is not available: NO_PUBKEY 62754C3B3ABCFE23

[julioropa]

Hi,

I'm following installation process for Ubuntu as indicated in https://github.com/SAP/SapMachine/wiki/Installation but it seems there is a problem with the public key.

Can you please advise how to proceed?

root@:~# export GNUPGHOME="$(mktemp -d)"
root@:~# gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys CACB9FE09150307D1D22D82962754C3B3ABCFE23
gpg: keybox '/tmp/tmp.3s96cNxDCE/pubring.kbx' created
gpg: /tmp/tmp.3s96cNxDCE/trustdb.gpg: trustdb created
gpg: key 62754C3B3ABCFE23: public key "SapMachine (https://sapmachine.io) <sapmachine@sap.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1

root@:~# gpg --batch --export --armor 'CACB 9FE0 9150 307D 1D22 D829 6275 4C3B 3ABC FE23' > /etc/apt/trusted.gpg.d/sapmachine.gpg.asc

root@:~# gpgconf --kill all && rm -rf "$GNUPGHOME"

root@:~# echo "deb http://dist.sapmachine.io/debian/$(dpkg --print-architecture)/ ./" > /etc/apt/sources.list.d/sapmachine.list

root@:~# apt-get update
Get:1 http://dist.sapmachine.io/debian/amd64 ./ InRelease [1,715 B]
Err:1 http://dist.sapmachine.io/debian/amd64 ./ InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 62754C3B3ABCFE23
Reading package lists... Done
W: http://dist.sapmachine.io/debian/amd64/./InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/sapmachine.gpg.asc are ignored as the file is not readable by user '_apt' executing apt-key.
W: GPG error: http://dist.sapmachine.io/debian/amd64 ./ InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 62754C3B3ABCFE23
E: The repository 'http://dist.sapmachine.io/debian/amd64 ./ InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

root@l:~# apt-get -y --no-install-recommends install sapmachine-21-jdk
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package sapmachine-21-jdk

[skateball]

Hi julioropa, please contact me via mailto:sapmachine@sap.com?subject=SapMachine%20Issue%201812&body=Hi%20Christian,%0A

I am working on making this easier and my working-drafts are here: https://github.com/skateball/sapmachine-installation/

If you want you can try curl -fsSL https://raw.githubusercontent.com/skateball/sapmachine-installation/main/t/w6.sh | sudo bash

Best Regards Christian

[skateball]

Hi julioropa, looks like that the following command got an issue: gpg --batch --export --armor 'CACB 9FE0 9150 307D 1D22 D829 6275 4C3B 3ABC FE23' > /etc/apt/trusted.gpg.d/sapmachine.gpg.asc what caused that either /etc/apt/trusted.gpg.d/sapmachine.gpg.asc has the wrong content or could not be written at all.

Can you please send the output of the following commands here or via eMail :

cat /etc/os-release
umask -p
ls -l /etc/apt
ls -l /etc/apt/trusted.gpg.d/sapmachine.gpg.asc
md5sum /etc/apt/trusted.gpg.d/sapmachine.gpg.asc
cat /etc/apt/trusted.gpg.d/sapmachine.gpg.asc

Best Regards Christian

[skateball]

(as confirmed via chat) the root cause was the default umask of the host that blocked read-access for for group and others, which is required. executing the following commands solved the issue: sudo chmod 644 /etc/apt/trusted.gpg.d/sapmachine.gpg.asc sudo chmod 644 /etc/apt/sources.list.d/sapmachine.list

[skateball]

issue solved. colleague happy && asked to close this