If you happen to be an outlier like myself that lives, for the most part, in the experimental channels of Chrome OS, chances are good that you run into a few hiccups from time to time with the software. My desktop is always in the Canary channel and receives updates on an almost daily basis. Great for finding new and exciting features but not so good when something breaks. A recent update has done the latter to Crostini, the project that delivers Linux apps to Chrome OS.
I disable and reenable Crostini a lot on my device for various reasons and when I reinstall Linux, the first thing I do is run
sudo apt update. If you’re hip to terminal command you know that this downloads any package updates available for whatever sources you have installed in Linux. If there are updates downloaded, you may be prompted to run
sudo apt upgrade to install them. Easy, peasy, lemon squeezy. Well, normally. When I ran the update command this week, I was greeted with this error.
W: GPG error: https://storage.googleapis.com/cros-packages/81 buster Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 78BD65473CB3BD13
E: The repository ‘https://storage.googleapis.com/cros-packages/81 buster Release’ is not signed.
N: Updating from such a repository can’t be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
To really dumb it down. repository keys are simply signatures that verify the source from which you are downloading packages. By default, updating from an unsigned repository in Crostini is disabled but fear not, there is a simple fix. The reason this has happened is that the current public key for this particular repository had expired but there is a new one in place and all you have to do is download it to remove the error. Open up the Linux terminal and paste the following command to get the new key.
sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com
For what it’s worth, the developers handling the bug have pointed out that this only affects the “Buster” repository references in the error code. Other repos will update just fine and new keys will be assigned soon in preparation for Debian Buster replacing the current default Debian Stretch.
Source: CRBug Tracker