Fix “WARNING: The following packages cannot be authenticated!” in Kali Linux

I just reinstalled Kali 1.0.5 and successfully did apt-get update and apt-get upgrade. But when I am trying to do an apt-get dist-upgrade I get this error

“WARNING: The following packages cannot be authenticated!”

Obviously I don’t want to install un-authenticated package. So I cancelled. Did some Googling and different people in different versions of Linux seems to have similar problem, however there wasn’t any clean solution specific for Kali Linux. I finally managed to figure it out and decided to write a small guide on it. So, next time someone else having the same issue, all they need to do is follow my guide and it will be fixed.

 

Fix WARNING The following packages cannot be authenticated! in Kali Linux - 1 - blackMORE Ops

As you can see I cancelled this upgrade

Fixing “WARNING: The following packages cannot be authenticated!”

I went through the following troubleshooting steps before I managed to solve it. Most GPG key issues can be fixed in similar ways.

Troubleshooting

I’ve arranged the troubleshooting steps by dot points.

Check Repositories

First thing I made sure that I have the correct Official Kali Linux repositories. If you don’t know how or what just follow the guide below to fix your repositories.

How to add official Kali Linux Repositories?

Check GPG Keys

Now that I know I have the correct repositories, next stop was to check my GPG keys (apt-key). I issued the following command to check my GPG keys:

apt-key list

Fix WARNING The following packages cannot be authenticated! in Kali Linux - 2 - blackMORE Ops

As you can see from the screenshot, it looks OK, nothing suspicious. Just to make sure, I did an update of my GPG keys. Again this can be done via command line.

apt-key update

Tried another apt-get update and apt-get dist-upgrade, received same error. This is now getting annoying.

Reinstall keyring

For every distro there’s one package that will install all the necessary keyrings. Kali keyring package is named kali-archive-keying. Similar naming for other distroes. For example:

  1. Kali Keyring – kali-archive-keyring
  2. Debian Keyring – debian-archive-keyring
  3. Ubuntu Keyring – ubuntu-archive-keyring

So all I had to do install keying package again and this problem would go away.Just note that you need to use aptitude command instead of apt-get here.

Easy done, typed in the following in terminal.

aptitude reinstall kali-archive-keyring

Fix WARNING The following packages cannot be authenticated! in Kali Linux - 3 - blackMORE Ops.png

Retry distribution upgrade

Tried another apt-get dist-upgrade.

Fix WARNING The following packages cannot be authenticated! in Kali Linux - 4 - blackMORE Ops.png

Worked just fine this time.

Quick note

Ubuntu or Debian users can fix similar errors by following same steps. Just replace the keyring name. For example:

aptitude reinstall ubuntu-archive-keyring

and so forth..

Conclusion

It’s been a while I reinstalled Kali (I managed to completely mess up my MBR when mix-matching multiple Linux distros and Windows!). Luckily didn’t loose any data (Huzzaah for movies and music!!). Did a complete re-partition and installed Kali 1.0.5 x64 in it.

You should never install a package that you can’t verify. There can be a number of reason why you shouldn’t. If someone is DNS spoofing on your network, you end up getting packages from untrusted sources and in Linux that is a BIG problem. There’s no end to possibilities what a person can do in Linux when they have full access to your system. Virus and malwares are getting more and more common in Linux since 2009. Be careful. Just casue you’re on Linux, doesn’t mean you’re protected (always!).

Thanks for reading. Hope you liked it, please share.

Check Also

Enabling AMD GPU for Hashcat on Kali Linux: A Quick Guide

Enabling AMD GPU for Hashcat on Kali Linux: A Quick Guide

If you’ve encountered an issue where Hashcat initially only recognizes your CPU and not the …

Boot Ubuntu Server 22.04 LTS from USB SSD on Raspberry Pi 4

Boot Ubuntu Server 22.04 LTS from USB SSD on Raspberry Pi 4

This is a guide for configuring Raspberry Pi4 to boot Ubuntu from external USB SSD …

One comment

  1. Thanks
    Do you know another reason why apt-get update upgrade keep showing “WARNING: The following packages cannot be authenticated!” in Kali GNU/Linux 1.1.0 (moto)

    I used Backtrack before and I had similar problems updating, but was about a temporally server problem and later the change from ubuntu to debian BT to Kali, I am thinking that could be faster just to install to the new Kali 2 and keep the old Kali 1 just for experiments

    This is the error that i am getting now, I tried all the suggested steps.

    The following packages will be REMOVED:
    libopenvas7 python-bloomfiltermmap
    The following NEW packages will be installed:
    ieee-data libhiredis0.10 libjemalloc1 libluajit-5.1-2 libluajit-5.1-common
    libopenvas8 libregfi0 pixiewps python-dicttoxml python-flask
    python-itsdangerous python-jsonrpclib python-markdown python-mechanize
    python-psutil python-pybloomfiltermmap python-ruamel.ordereddict
    python-slowaes python-vulndb python-werkzeug python-xlsxwriter redis-server
    The following packages will be upgraded:
    aircrack-ng bind9-host dnsutils ettercap-common ettercap-graphical
    greenbone-security-assistant hashcat iceweasel libbind9-80 libdns88 libisc84
    libisccc80 libisccfg82 liblwres80 libmysqlclient18 libtidy-0.99-0 libvlc5
    libvlccore5 libwmf0.2-7 mitmproxy mysql-client-5.5 mysql-common mysql-server
    mysql-server-5.5 mysql-server-core-5.5 openvas openvas-cli openvas-manager
    openvas-scanner python-phply reaver recon-ng reglookup vlc vlc-data vlc-nox
    vlc-plugin-notify vlc-plugin-pulse w3af w3af-console
    40 upgraded, 22 newly installed, 2 to remove and 0 not upgraded.
    Need to get 89.5 MB of archives.
    After this operation, 16.9 MB of additional disk space will be used.
    Do you want to continue [Y/n]? y
    WARNING: The following packages cannot be authenticated!
    libhiredis0.10 greenbone-security-assistant openvas-scanner openvas-manager
    openvas-cli libopenvas8 libjemalloc1 redis-server python-pybloomfiltermmap
    python-phply python-markdown python-vulndb python-ruamel.ordereddict
    python-psutil w3af-console libluajit-5.1-common libluajit-5.1-2 mysql-common
    libmysqlclient18 libregfi0 vlc-plugin-pulse vlc-plugin-notify vlc
    libvlccore5 vlc-data vlc-nox libvlc5 libwmf0.2-7 mysql-server
    mysql-server-5.5 mysql-client-5.5 mysql-server-core-5.5 python-jsonrpclib
    bind9-host dnsutils libisc84 libdns88 libisccc80 libisccfg82 liblwres80
    libbind9-80 aircrack-ng ettercap-common ettercap-graphical iceweasel
    ieee-data libtidy-0.99-0 python-werkzeug python-itsdangerous python-flask
    mitmproxy python-dicttoxml python-slowaes python-xlsxwriter reglookup
    hashcat openvas pixiewps python-mechanize reaver recon-ng w3af
    Install these packages without verification [y/N]?

Leave your solution or comment to help others.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from blackMORE Ops

Subscribe now to keep reading and get access to the full archive.

Continue reading

Privacy Policy on Cookies Usage

Some services used in this site uses cookies to tailor user experience or to show ads.