I have fresh installation of ubuntu 14.04 now. When I updated my system, I faced the following GPG Error:
W: GPG error: http://in.archive.ubuntu.com trusty Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>
As it is saying that “BADSIG 40976EAF437D05B5” signature is invalid. To solve this, I run the following command to import the keys:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 6AF0E1940624A220 40976EAF437D05B5
Explanation:
- apt-key: It is used to manage the list of keys used by apt to authenticate packages. Packages which have been authenticated using these keys will be considered trusted.
- adv: Pass advanced options to gpg. With adv –recv-key you can download the public key.
- For more details, read http://manpages.ubuntu.com/manpages/lucid/en/man8/apt-key.8.html
But, it didn’t solve the issue. Then, I found a trick to remove this error. This was like given below:
Open your source.list using your favorite text editor, i.e.
$ sudo vim /etc/apt/sources.list
locate http://in.archive.ubuntu.com/ubuntu and replace it with http://archive.ubuntu.com/ubuntu.
So, I remove the ‘in.’ prefix in each of the addresses to convert them to addresses of the main server. This solved my problem.
Davinder Kaur 