Unable to update syncthing in Debian ARM

I have Zyxel NSA310 based on Marvell kirkwood chipset. Instaled there Debian from here https://forum.doozan.com/read.php?2,12096 .

It is bare minimum installation with few tools only. in debian 9 repo syncthing is in version v0.14.18-dfsg1 so it is pretty old.

I want to install latest one and here problems starts.

Following https://apt.syncthing.net/ i have installed apt-transport-https. When executing:

curl -s https://syncthing.net/release-key.txt | sudo apt-key add - result is gpg: no valid OpenPGP data found.

echo "deb https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list works

sudo apt-get update gives:

Ign:7 https://apt.syncthing.net syncthing/stable all Packages Ign:8 https://apt.syncthing.net syncthing/stable Translation-en Reading package lists... Done W: The repository 'https://apt.syncthing.net syncthing Release' does not have a Release file. N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use. N: See apt-secure(8) manpage for repository creation and user configuration details. E: Failed to fetch https://apt.syncthing.net/dists/syncthing/stable/binary-armel/Packages E: Some index files failed to download. They have been ignored, or old ones used instead.

I am not so advanced to understand what is wrong, please help.

The import of the PGP key fails, so the whole repository can’t be authenticated.

For a start, can you give us the output of

curl -s https://syncthing.net/release-key.txt


That should print a lot of lines beginning with the text “-----BEGIN PGP PUBLIC KEY BLOCK-----”.

It give no output. root@debian:~# curl -s https://syncthing.net/release-key.txt root@debian:~#

Let’s try

curl -s https://syncthing.net/release-key.txt -verbose

and check the state of your curl installation:

which curl and curl --version

1 Like

First one:

`root@debian:~# curl -s https://syncthing.net/release-key.txt -verbose

  • Trying…
  • Connected to syncthing.net ( port 443 (#0)
  • ALPN, offering h2
  • ALPN, offering http/1.1
  • Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
  • error setting certificate verify locations: CAfile: /etc/ssl/certs/ca-certificates.crt CApath: /etc/ssl/certs
  • Curl_http_done: called premature == 0
  • Closing connection 0 root@debian:~#`

which curl /usr/bin/curl

curl --version root@debian:~# curl --version curl 7.52.1 (arm-unknown-linux-gnueabi) libcurl/7.52.1 OpenSSL/1.0.2s zlib/1.2.8 libidn2/0.16 libpsl/0.17.0 (+libidn2/0.16) libssh2/1.7.0 nghttp2/1.18.1 librtmp/2.3 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy PSL

I cant find a way to break lines in inside `, single enter gives no space, double enter breaks pre block.

Okay, I already had a feeling the certificate store was the culprit.

It seems you’re missing a root certificate store, which curl requires to verify https certificates. Or maybe your curl installation is only missing permissions to access it.

Can you verify if the file /etc/ssl/certs/ca-certificates.crt and the directory /etc/ssl/certs exists and if they do, what are their permissions?

1 Like

/etc/ssl is missing. Should I just create it?

If it’s missing entirely, you’re also missing all root certificates that should be contained within.

After a quick Google, I found this answer which should (re-)create the directory and the files within.

This is for Ubuntu, but Ubuntu and Debian are very similar.

1 Like

I was missing whole ca-certificates package, installing it with sudo apt-get install --reinstall ca-certificates solved the issue. All commands works now and I have 1.2.0. Thank you Max.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.