Question

How To Fix NO_PUBKEY 77B79B3FFAF7EF65?

I’ve been updating some of our droplets to 22.04 and came across this issue where it mentions: NO_PUBKEY 77B79B3FFAF7EF65. This occurs when I either try to apt update or do-release-upgrade.

I’ve tried some solutions like below and searched around, but realized that the key does not exist: sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 77B79B3FFAF7EF65

I assume sks-keyservers.net would’ve worked, but it’s down now and keyserver.ubuntu.com does not have the missing key 77B79B3FFAF7EF65.

Is there a quick solution to this? Since I’ll have to apply the method to multiple droplets.


Submit an answer
Answer a question...

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

I also stumbled across this issue when running a simple sudo apt-get update on a 20.04 droplet seems like DO updated the do-agent apt gpg key on the 5th december. you can see the new one here: https://repos.insights.digitalocean.com/sonar-agent.asc and the old one they have as a backup: https://repos.insights.digitalocean.com/sonar-agent.asc.bkup

i solved this with:

wget -qO - https://repos.insights.digitalocean.com/sonar-agent.asc | sudo apt-key add -

its worth noting apt-key add is depreciated but its a simple one-liner.

I would appreciate some official DO guidance with the best way to update this across all my droplets

I just encounter this problem today when upgrading my ubuntu droplet to 22.04. This thing didn’t happened when I upgraded another droplet to 22.04. Found out there are two keys for DO instead of one.

pub   rsa2048 2016-02-17 [SC]
      9FE3 B226 BD77 5196 D8C2  E599 DE88 104A A4C6 383F
uid           [ unknown] DigitalOcean Insights Engineering sonar->agent@digitalocean.com>
sub   rsa2048 2016-02-17 [E]
pub   rsa4096 2022-11-09 [SC]
      902C 44B4 2EA9 A17F 8578  5109 77B7 9B3F FAF7 EF65
uid           [ unknown] DigitalOcean Insights Engineering <sonar-agent@digitalocean.com>

I exported both of keys using:

apt-key export A4C6383F | sudo gpg --dearmour -o /usr/share/keyrings/digitalocean-agent.gpg
apt-key export FAF7EF65 | sudo gpg --dearmour -o /usr/share/keyrings/digitalocean-agent2.gpg

Edit /etc/apt/sources.list.d/digitalocean-agent.list to this:

deb [arch=amd64 signed-by=/usr/share/keyrings/digitalocean-agent.gpg,/usr/share/keyrings/digitalocean-agent2.gpg] https://repos.insights.digitalocean.com/apt/do-agent main main

Run apt update, the warning should be gone. Then you can safely delete the keys

apt-key del A4C6383F
apt-key del FAF7EF65

I’m experiencing the exact same issue. Can’t seem to be able to find a solution anywhere.

# sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 77B79B3FFAF7EF65
Executing: /tmp/apt-key-gpghome.zoN6XXCefP/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 77B79B3FFAF7EF65
gpg: keyserver receive failed: No data