New GPG keys deployed for packages.ros.org

cottsay · June 14, 2021, 7:17pm

The new public key uses the same private key as before, so that fingerprint is still correct.

From a fresh docker pull, I ran these commands and they worked correctly for Ubuntu Bionic and Focal, targeting Melodic and Noetic respectively:

$ docker pull ubuntu:focal
$ docker run --rm -it ubuntu:focal
# apt update
# apt install -y gnupg lsb-release
# sh -c 'echo "deb http://packages.ros.org/ros/ubuntu $(lsb_release -sc) main" > /etc/apt/sources.list.d/ros-latest.list' >/dev/null 2>&1 \
    && apt-key adv --keyserver 'hkp://keyserver.ubuntu.com:80' --recv-key C1CF6E31E6BADE8868B172B4F42ED6FBAB17C654
# apt update
# apt install -y ros-noetic-catkin

Perhaps try removing any existing key prior to running the import step?

apt-key adv --keyserver 'hkp://keyserver.ubuntu.com:80' --delete-keys C1CF6E31E6BADE8868B172B4F42ED6FBAB17C654

Topic		Replies	Views
Key rotation for ROS 2 apt repositories General ros2 , ardent , bouncy , crystal	2	8314	June 7, 2019
Deployment approaches for new gpg key General	14	3073	May 30, 2016
Security issue on ROS build farm General	15	12426	June 30, 2019
Ubuntu installation doc needs to be updated for use with new GPG keys?	3	2411	June 14, 2021
Post-mortem: ROS GPG Key Expiration Incident General	0	1604	June 4, 2021

New GPG keys deployed for packages.ros.org

Related topics