Canot make apt update because of cuda pub key

ROSDS Support
1

I recognized that when I was trying to install turtlebot msg from apt I couldn’t do that, then I tried sudo apt update but I faced this:


Get:20 https://developer.download.nvidia.com/compute/machine-learning/repos/ubuntu2004/x86_64  Packages [2445 B]
Get:21 http://security.ubuntu.com/ubuntu focal-security/restricted amd64 Packages [3316 kB]
Get:22 http://security.ubuntu.com/ubuntu focal-security/multiverse amd64 Packages [29.7 kB]
Get:23 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages [3891 kB]
Get:24 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 Packages [1475 kB]
Get:25 http://archive.ubuntu.com/ubuntu focal-updates/restricted amd64 Packages [3465 kB]
Get:26 http://archive.ubuntu.com/ubuntu focal-updates/multiverse amd64 Packages [32.4 kB]
Get:27 http://archive.ubuntu.com/ubuntu focal-backports/main amd64 Packages [55.2 kB]
Get:28 http://archive.ubuntu.com/ubuntu focal-backports/universe amd64 Packages [28.6 kB]
Get:29 http://packages.ros.org/ros2/ubuntu focal/main amd64 Packages [1192 kB]
Reading package lists... Done
W: GPG error: https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64  InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A4B469963BF863CC
E: The repository 'https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64  InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: The repository 'http://build.openvpn.net/debian/openvpn/stable focal Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

when I searched this issue there are a lot in github, nvidia forum etc, in my normal pc I faced this issue one month ago and I could solve it but trying same solution or different none is able to solve that’s why I cannot run anything related to this turtlebot and it’s the core thing in my purpose because I want to try it with navigation2 to learn navigaion2 package.
If there is a problem about my rosject, don’t know what to do

2

Try:

sudo apt-get update --allow-insecure-repositories
3

I tried and this is the o/p of it:

Get:14 https://developer.download.nvidia.com/compute/machine-learning/repos/ubuntu2004/x86_64  Release.gpg [833 B]
Get:15 http://packages.ros.org/ros2/ubuntu focal InRelease [4685 B]
Ign:7 https://build.openvpn.net/debian/openvpn/stable focal/main all Packages
Ign:6 https://build.openvpn.net/debian/openvpn/stable focal/main amd64 Packages
Ign:3 https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64  InRelease
Get:16 https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64  Packages [1403 kB]
Get:17 http://security.ubuntu.com/ubuntu focal-security/universe amd64 Packages [1179 kB]
Get:18 http://security.ubuntu.com/ubuntu focal-security/multiverse amd64 Packages [29.7 kB]
Get:19 http://security.ubuntu.com/ubuntu focal-security/restricted amd64 Packages [3316 kB]
Ign:7 https://build.openvpn.net/debian/openvpn/stable focal/main all Packages
Ign:6 https://build.openvpn.net/debian/openvpn/stable focal/main amd64 Packages
Ign:7 https://build.openvpn.net/debian/openvpn/stable focal/main all Packages
Err:6 https://build.openvpn.net/debian/openvpn/stable focal/main amd64 Packages
  Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate.  Could not handshake: Error in the certificate verification. [IP: 18.196.214.178 443]
Get:20 http://archive.ubuntu.com/ubuntu focal/universe amd64 Packages [11.3 MB]
Ign:7 https://build.openvpn.net/debian/openvpn/stable focal/main all Packages
Get:21 http://packages.ros.org/ros/ubuntu focal/main amd64 Packages [810 kB]
Get:22 http://archive.ubuntu.com/ubuntu focal/restricted amd64 Packages [33.4 kB]
Get:23 http://archive.ubuntu.com/ubuntu focal/multiverse amd64 Packages [177 kB]
Get:24 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages [1275 kB]
Get:25 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages [3891 kB]
Get:26 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 Packages [1475 kB]
Get:27 http://archive.ubuntu.com/ubuntu focal-updates/restricted amd64 Packages [3465 kB]
Get:28 http://archive.ubuntu.com/ubuntu focal-updates/multiverse amd64 Packages [32.4 kB]
Get:29 http://archive.ubuntu.com/ubuntu focal-backports/universe amd64 Packages [28.6 kB]
Get:30 http://archive.ubuntu.com/ubuntu focal-backports/main amd64 Packages [55.2 kB]
Get:31 https://developer.download.nvidia.com/compute/machine-learning/repos/ubuntu2004/x86_64  Packages [2445 B]
Get:32 http://packages.ros.org/ros2/ubuntu focal/main amd64 Packages [1192 kB]
Fetched 33.7 MB in 4s (8028 kB/s)
Reading package lists... Done
W: The repository 'http://build.openvpn.net/debian/openvpn/stable focal Release' does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64  InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A4B469963BF863CC
W: The repository 'https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64  InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Failed to fetch https://build.openvpn.net/debian/openvpn/stable/dists/focal/main/binary-amd64/Packages  Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate.  Could not handshake: Error in the certificate verification. [IP: 18.196.214.178 443]
E: Some index files failed to download. They have been ignored, or old ones used instead.
4

Hi @tugbakara,

You can safely remove the APT source files of VPN and NVIDIA using the command below:

sudo rm -fv /etc/apt/sources.list.d/openvpn-aptrepo.list /etc/apt/sources.list.d/nvidia-ml.list /etc/apt/sources.list.d/cuda.list

After that, you should be able to run apt update and install without any problems:

sudo apt-get update

sudo apt-get install ros-foxy-turtlebot3-msgs

I’ll work on solving this issue so that you don’t have to manually remove those files, but in the meantime, just remove them as instructed above.

5

Thanks @ralves , I am wondering that is this pub keys are so crucial for the system? Will there be any poblem in the future using the system with this changes? Is it hardware specific problem? If it is not If I face the same issue in another hardware doing the same changes on different hardware will make everything ok? ( I know it is so general and you may not know but I just want to know your idea)
Thanks again!

6

Hi @tugbakara,

every apt repository has SSL keys, and they normally expire between 1 and 2 years.

If it’s an APT repository that you really need, you can update the keys, Normally there are instructions in the internet, specific for each APT repository.

Normally it is the maintainer of the APT repository that publishes the process for updating the keys.

But in this case, I case the expired certificates were for VPN and CUDA, and we don’t need them on the rosjects. That is why I just removed them instead of updating their certificates.

Please let me know if you have more questions.

7

Thanks ! Now everything is more clear :smile: Have a nice day!

1 Like
8

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.