I am following instructions from https://apt.syncthing.net/ to install Syncthing on Debian 11.
When running apt update, after downloading key, setting up sources list and repo pinning, I am getting the following error:
(logs have had links reformatted, as new users can max include 2 links per post)
$ sudo apt update
Get:1 #https#apt#syncthing#net# syncthing InRelease [15,1 kB]
Err:1 #https#apt#syncthing#net# syncthing InRelease
The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY D26E6ED000654A3E
W: GPG error: #https#apt#syncthing#net# syncthing InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY D26E6ED000654A3E
E: The repository ‘#https#apt#syncthing#net# syncthing InRelease’ is not signed.
N: Updating from such a repository can’t be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
And more detail when outputting debug information:
$ sudo apt -o Debug::Acquire::gpgv=True update
Get:1 #https#apt#syncthing#net# syncthing InRelease [15,1 kB]
0% [Waiting for headers]inside VerifyGetSigners
Preparing to exec: /usr/bin/apt-key --quiet --readonly --keyring /usr/local/share/keyrings/syncthing-release-key.gpg verify --status-fd 3 /tmp/apt.sig.kCPtm8 /tmp/apt.data.9HQRd9
Read: [GNUPG:] NEWSIG
Read: [GNUPG:] ERRSIG D26E6ED000654A3E 1 8 01 1628598344 9 -
Got ERRSIG D26E6ED000654A3E !
Read: [GNUPG:] NO_PUBKEY D26E6ED000654A3E
Got NO_PUBKEY D26E6ED000654A3E !
gpgv exited with status 2
Summary:
Good:
Valid:
Bad:
Worthless:
SoonWorthless:
NoPubKey: NO_PUBKEY D26E6ED000654A3E
Signed-By:
NODATA: no
Err:1 #https#apt#syncthing#net# syncthing InRelease
The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY D26E6ED000654A3E
W: GPG error: #https#apt#syncthing#net# syncthing InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY D26E6ED000654A3E
E: The repository ‘#https#apt#syncthing#net# syncthing InRelease’ is not signed.
N: Updating from such a repository can’t be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
It seems to me that apt is correctly handing over the location of the key I have downloaded. Does this indicate that gpg can not read the contents of the key? Or maybe the key is somehow corrupted?
When I inspect the key,
sudo gpg --show-keys sublime-keyring.gpg
, I get the following, which seems plausibly correct:
pub rsa2048 2014-12-29 [SC]
37C84554E7E0A261E4F76E1ED26E6ED000654A3E
uid Syncthing Release Management release@syncthing.net
sub rsa2048 2014-12-29 [E]
The key seems readable. So what went wrong? How can I get this to function correctly?