28

Running on 18.04, when trying sudo do-release-upgrade -d I get following error :

authenticate 'focal.tar.gz' against 'focal.tar.gz.gpg' 
Authentication failed
Authenticating the upgrade failed. There may be a problem with the network or with the server.

I've seen numerous posts akgin to reinstall sudo apt-get install --reinstall ubuntu-keyring

Which I did, with no result.

I manually downloaded focal.tar.gz and focal.tar.gz.gpg from http://mirrors.linode.com/ubuntu/dists/focal-proposed/main/dist-upgrader-all/20.04.18/

I did run a gpg check

gpg --receive-keys 871920D1991BC93C
gpg --receive-keys 3B4FE6ACC0B21F32
gpg --verify focal.tar.gz.gpg focal.tar.gz

Looks succesful (with warnings, but at least it matches)

gpg: Signature made mer. 08 avril 2020 19:38:12 CEST
gpg:                using RSA key 3B4FE6ACC0B21F32
gpg: Good signature from "Ubuntu Archive Automatic Signing Key (2012) <ftpmaster@ubuntu.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 790B C727 7767 219C 42C8  6F93 3B4F E6AC C0B2 1F32
gpg: Signature made mer. 08 avril 2020 19:38:12 CEST
gpg:                using RSA key 871920D1991BC93C
gpg: Good signature from "Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: F6EC B376 2474 EDA9 D21B  7022 8719 20D1 991B C93C

No idea what I could try to make the upgrade accept the file, and the process to go on.

I do not wish to follow this suggestion : change manually the sources definition, https://stackoverflow.com/questions/62388015/authenticating-the-upgrade-failed-there-may-be-a-problem-with-the-network-or-wi

I'm running this ubuntu machine as a 'maintainability test for any user', so my challenge here is not to tweak around. For that, my main pc runs arch ;)

So, I'm looking for a way as easy to explain and reproduce as possible to solve this.

Thank you !

Note

I could manually tinker with apt-key

gpg --receive-keys 3B4FE6ACC0B21F32
gpg --receive-keys 871920D1991BC93C
gpg --export  790BC7277767219C42C86F933B4FE6ACC0B21F32 > 1.gpg
gpg --export  F6ECB3762474EDA9D21B7022871920D1991BC93C > 2.gpg
sudo apt-key add 1.gpg
sudo apt-key add 2.gpg

but that's not something I should do .... is it ? And even so, it fails later on with

Updating repository information
Hit http://www-ftp.lip6.fr/pub/linux/distributions/Ubuntu/archive focal InRelease                                                                                                                                 
Hit http://www-ftp.lip6.fr/pub/linux/distributions/Ubuntu/archive focal-security InRelease                                                                                                                        
Hit http://archive.canonical.com/ubuntu focal InRelease                                                                                                                                                           
Fetched 0 B in 0s (0 B/s)   


(appstreamcli:1444): GLib-CRITICAL **: 19:08:37.593: g_variant_builder_end: assertion '!GVSB(builder)->uniform_item_types || GVSB(builder)->prev_item_type != NULL || g_variant_type_is_definite (GVSB(builder)->type)' failed


(appstreamcli:1444): GLib-CRITICAL **: 19:08:37.593: g_variant_new_variant: assertion 'value != NULL' failed


(appstreamcli:1444): GLib-ERROR **: 19:08:37.594: g_variant_new_parsed: 11-13:invalid GVariant format string
Trace/breakpoint trap (core dumped)

I sure can wait for 20.04.1 release but... that's a weird behaviour.

Looks like repo info is not found see Fetched 0 B in 0s (0 B/s) but when I manually browse the repo, things are there.

squalou
  • 465
  • 1
    Note I can edit file /usr/lib/python3/dist-packages/DistUpgrade/DistUpgradeFetcherCore.py and change authenticate function to return 'True' always whatever the gpg outcomes.. but this is both ugly and dangerous ! – squalou Jun 28 '20 at 15:22
  • For some reason, people always run do-release-upgrade with the -d. Please be careful with that. From what I've seen, most use it because they copy/paste the command from somewhere. That parameter can be dangerous, especially on servers. It will install the latest development/alpha/beta release. So you may end up with an unstable installation! – Dan Jan 26 '21 at 14:05
  • If you are not able to pull the keys, add --keyserver keyserver.ubuntu.com to the first both commands, they should look like this: gpg --keyserver keyserver.ubuntu.com --receive-keys 3B4FE6ACC0B21F32 gpg --keyserver keyserver.ubuntu.com --receive-keys 871920D1991BC93C – thl Mar 10 '24 at 18:57

6 Answers6

31

I tried to upgrade from 18.04 to 20.04 and got the same error.

The problem was that the 'bionic-updates' channel wasn't active in my /etc/apt/sources.list I had only 'bionic' and 'bionic-security'.

After adding a line to the sources.list:

deb http://hu.archive.ubuntu.com/ubuntu/ bionic-updates main restricted

sudo apt update && sudo apt dist-upgrade installed about 300+ packages and after that do-release-upgrade worked.

Zanna
  • 72,471
Calmarius
  • 958
  • 2
    This still didn't fix the problem. It appears there is some sort of unlisted Chrome Repository which prohibits the ungrade and yet remains hidden so it can't be removed. – Nicholas Bourbaki Feb 28 '21 at 01:49
  • At the least moved one step ahead, not sure how to figure out such issues. – Viky293 Oct 28 '22 at 16:01
  • +1 fixed it for me (adding bionic-updates main restricted with the corrected url) to a chroot ubuntu 18.04 installation on android (linux deploy) – Daniel Bişar Jan 16 '23 at 21:10
  • Requires Reboot : $ do-release-upgrade Checking for a new Ubuntu release You have not rebooted after updating a package which requires a reboot. Please reboot before upgrading – Jadeye May 27 '24 at 18:31
5

We encountered this error message on a couple of servers today, all with various different packages installed and custom source-lists.

After testing different approaches (listed here and in other threads), what worked for us on all servers, was to manually do the upgrade to the latest versions of the packages, then remove the source lists and then do-release-upgrade.

I highly recommend backing up the source folder before removing the files.

sudo apt update
sudo apt upgrade -y
sudo rm /etc/apt/sources.list.d/*
sudo do-release-upgrade
Zanna
  • 72,471
Anuga
  • 172
  • 2
    Thanks incredibly. I've been trying to upgrade xUbuntu from 18.04 to 20.04 for the longest time and have always been getting Repository errors. Your method worked perfectly and took about 1-2 hrs! I even tried making a new 20.04.2 DVD iso but that gave EPROM and "Not a Typewriter" errors. But your method worked. – Nicholas Bourbaki Feb 28 '21 at 18:31
1

I'm now getting this :

(appstreamcli:15661): GLib-CRITICAL **: 10:32:27.652: g_variant_builder_end: assertion '!GVSB(builder)->uniform_item_types || GVSB(builder)->prev_item_type != NULL || g_variant_type_is_definite (GVSB(builder)->type)' failed


(appstreamcli:15661): GLib-CRITICAL **: 10:32:27.652: g_variant_new_variant: assertion 'value != NULL' failed


(appstreamcli:15661): GLib-ERROR **: 10:32:27.652: g_variant_new_parsed: 11-13:invalid GVariant format string
Trace/breakpoint trap (core dumped)
Hit http://archive.ubuntu.com/ubuntu focal InRelease

Fetched 0 B in 0s (0 B/s)

... :-(

I wonder how it went in that state but I ended up removing appstream apt-get remove appstream, which should have complained a lot but NO : removed fine. go wonder. Upgrade process on its way. Finger crossed (and backup done)

...

ended up on total crash during update.

Reinstalled from stratch.

squalou
  • 465
1

I just came across the exact same error message when trying to do a do-release-upgrade from Bionic (to Focal).

In my case it was 'fixed' by bypassing the proxy I am usually using (apt-cacher-ng). Possibly a stale/bad file in the cache didn't match what was in the actual repositories.

Eichkatzerl
  • 21
1

None of the other answers worked for me. What finally got me past the failed authentication was:

sudo apt-get install --reinstall ubuntu-keyring
David Lechner
  • 113
0

In my case, there was a foreign architecture that somehow blocked the update:

marcos@nubes:~$ dpkg --print-foreign-architectures
i386
marcos@nubes:~$ dpkg -l | grep i386  # No packages
marcos@nubes:~$ sudo dpkg --remove-architecture i386
marcos@nubes:~$ sudo apt update
marcos@nubes:~$ sudo do-release-upgrade 
[success]
rapto
  • 111