This warning appears when apt cannot verify repository signatures because GPG keys are missing. It typically occurs after adding a new PPA or repository. You can fix it by importing the missing GPG keys from key servers.
The "no public key available" warning occurs when apt-get update cannot verify the authenticity of packages from a repository. Every Debian/Ubuntu repository signs its packages with a GPG (GNU Privacy Guard) key for security verification. When apt tries to update but can't find the public key, it means either: 1. You've recently added a new repository (PPA) that apt doesn't yet know about 2. The repository's key has changed or been rotated 3. The key server is temporarily unavailable 4. Your system's keyring is out of sync While this is technically just a warning (not an error that stops updates), it indicates security verification is failing, which is worth fixing.
When you run apt-get update, the warning will show:
W: There is no public key available for the following key IDs:
467B942D3A79BD29Copy the key ID (the hexadecimal string like '467B942D3A79BD29'). You'll use this in the next step.
Note: The key ID shown might be the last 16 characters of a longer fingerprint. That's fine—it's unique enough to find the key.
On Ubuntu systems, use the Ubuntu key server for fastest retrieval:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys YOUR_KEY_IDReplace YOUR_KEY_ID with the actual key ID. For example:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 467B942D3A79BD29Once imported, you should see:
gpg: key 467B942D3A79BD29: public key "..." importedAfter importing, run apt-get update again to verify the key is now recognized:
sudo apt-get updateThe warning for that key should no longer appear. If you added multiple repositories, you may see warnings for additional missing keys—repeat steps 1-2 for each one.
You can also list all trusted keys with:
apt-key listIf the Ubuntu key server is slow or unreachable, try a different key server:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys YOUR_KEY_IDOr use pgp.mit.edu:
sudo apt-key adv --keyserver pgp.mit.edu --recv-keys YOUR_KEY_IDOr use keys.openpgp.org:
sudo apt-key adv --keyserver keys.openpgp.org --recv-keys YOUR_KEY_IDTry different servers if one fails.
If apt-key doesn't work (it's deprecated on newer systems), download and import the key directly using GPG:
gpg --keyserver keyserver.ubuntu.com --recv-keys YOUR_KEY_ID
gpg --armor --export YOUR_KEY_ID | sudo apt-key add -For specific repositories like Google Chrome or Microsoft packages, check their documentation for the exact key URL, then import with curl or wget:
# For Google Chrome
wget -qO- https://dl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
# For Microsoft packages
curl -fsSL https://packages.microsoft.com/keys/microsoft.asc | sudo gpg --dearmor -o /usr/share/keyrings/microsoft-prod.gpgapt-key is deprecated: On Ubuntu 22.04 and newer, apt-key is deprecated in favor of storing keys in /usr/share/keyrings/*.gpg. For new repositories, maintainers should provide installation scripts that use the newer method. However, apt-key adv still works for compatibility.
Key server synchronization: Key servers (keyserver.ubuntu.com, pgp.mit.edu, etc.) are synchronized but not instantly. If a key is newly uploaded, it may take minutes to hours to appear on all servers. If a key server is slow, try another.
Partial key IDs: The warning shows only the last 16 characters of a key's full 40-character fingerprint. This is sufficient and intentional for readability, though some tools may ask for the full fingerprint.
Repository-specific keys: Some repositories (like Google Chrome, VSCode) provide their own key URLs in their setup documentation. Always use their recommended installation method first before resorting to manual key imports.
Security consideration: Only import keys from trusted sources. If a repository suddenly changes its key without notice, verify the change through official channels before importing the new key.
E: Could not connect to proxy server
Could not connect to proxy server
E: Package 'package:i386' has no installation candidate
How to fix "Package package:i386 has no installation candidate" in apt
E: The value 'value' is invalid for APT::Default-Release
How to fix invalid APT::Default-Release value in APT
dpkg: error: unable to create new file 'path': Permission denied
How to fix dpkg permission denied errors in APT
subprocess installed post-removal script returned error exit status 1
How to fix "subprocess installed post-removal script returned error exit status 1" in APT