Invalid signature on Kali when trying to update

I recently started my Kali operating system and ran into a problem. Whenever I try to update it using the command apt-get update, I get an error of invalid signature on Kali terminal.

An error occurred during the signature verification. The repository is not updated. The previous index files will be used. GPG error: http://archive-10.kali.org/kali kali-rolling InRelease: The following signatures were invalid: EXPKEYSIG XXXXXXXXXXXXXXXX Kali Linux Repository <devel@kali.org>

Failed to fetch http://http.kali.org/kali/dists/kali-rolling/InRelease. The following signatures were invalid: EXPKEYSIG XXXXXXXXXXXXXXXX Kali Linux Repository <devel@kali.org>

invalid-signature-on-kali

Why it has happened

Kali has configured it happen intentionally. If you don’t update Kali regularly, it indicates your archive-keyring package would become outdated. Hence, you’ll get key mismatches when connecting with Kali repositories. Refer to the tweet of Kali Linux.

Resolution

So, how you can fix this? The only one solution is to manually update the new keys. Simply, using this command

wget -q -O - | apt-key add

And now finally do,

apt update && apt upgrade

apt update && apt upgrade

That’s it!

How did it work?

We can understand what the command is all about. Command wget download the PGP public key from the archives of Kali. We used the parameters -q and -o. This is to make it quiet and not to produce any output of its own. Also, we printed the output on the terminal using -o. Then the whole thing piped to apt-key add to add it to the system. Due to this, we were able to gracefully update the system fully.

All set to read more? Click here to check latest posts.

Leave a Reply

Your email address will not be published. Required fields are marked *