How can I get past a “Repository is not signed…” message when attempting to upgrade Kali Linux from a mounted disk image?

--------------------------------------------------
Rise to the top 3% as a developer or hire one of them at Toptal: https://topt.al/25cXVn
--------------------------------------------------

Music by Eric Matyas
https://www.soundimage.org
Track title: Techno Intrigue Looping

--

Chapters
00:00 How Can I Get Past A “Repository Is Not Signed…” Message When Attempting To Upgrade Kali Linux From
00:36 Accepted Answer Score 83
01:23 Answer 2 Score 28
01:33 Answer 3 Score 4
01:52 Thank you

--

Full question
https://superuser.com/questions/1331936/...

--

Content licensed under CC BY-SA
https://meta.stackexchange.com/help/lice...

--

Tags
#kalilinux #apt

#avk47

ACCEPTED ANSWER

Score 83

According to the Debian man page for apt-get, you can use the --allow-unauthenticated option like this:

apt-get update --allow-unauthenticated

As the man page entry for --allow-unauthenticated explains:

Ignore if packages can't be authenticated and don't prompt about it. This can be useful while working with local repositories, but is a huge security risk if data authenticity isn't ensured in another way by the user itself. The usage of the Trusted option for sources.list(5) entries should usually be preferred over this global override. Configuration Item: APT::Get::AllowUnauthenticated.

And if that doesn’t work, try run-in it with --allow-insecure-repositories like this:

apt-get update --allow-insecure-repositories

ANSWER 2

Score 28

You should tell apt it's a trusted source:

deb [trusted=yes] file:/media/cdrom0 kali-rolling main contrib non-free

ANSWER 3

Score 4

For anyone like me that came across this because their repository is not signed. Maybe on another distro not specifically Kali Linux.

My distro in question was MX linux.

I found this command to import the missing gpg keys.

checkaptgpg