Kali的源得数字验证问题

装上之后第一件事就是执行apt-get update && apt-get upgrade,结果却出现了这样的错误

我添加的是中科大的更新源,在浏览器中是可以正常打开的:

deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib

deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib

#中科大

deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib

deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib

#阿里云

#deb http://mirrors.aliyun.com/kali kali-rolling main non-free contrib

#deb-src http://mirrors.aliyun.com/kali kali-rolling main non-free contrib

#清华大学

#deb http://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free

#deb-src https://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free

#浙大

#deb http://mirrors.zju.edu.cn/kali kali-rolling main contrib non-free

#deb-src http://mirrors.zju.edu.cn/kali kali-rolling main contrib non-free

#东软大学

#deb http://mirrors.neusoft.edu.cn/kali kali-rolling/main non-free contrib

#deb-src http://mirrors.neusoft.edu.cn/kali kali-rolling/main non-free contrib

#官方源

#deb http://http.kali.org/kali kali-rolling main non-free contrib

#deb-src http://http.kali.org/kali kali-rolling main non-free contrib

#重庆大学

#deb http://http.kali.org/kali kali-rolling main non-free contrib

#deb-src http://http.kali.org/kali kali-rolling main non-free contrib

可是添加到 /etc/apt/source.list之后,执行apt-update就会出现上面的错误提示

在多方搜索无果之后,我决定静下心来认真阅读一下kali中提供的文档,根据上面的提示, 我查看了apt-secure(8)——>命令man 8 apt-secure

DESCRIPTION

Starting with version 0.6, APT contains code that does signature

checking of the Release file for all repositories. This ensures that

data like packages in the archive can‘t be modified by people who have

no access to the Release file signing key. Starting with version 1.1

APT requires repositories to provide recent authentication information

for unimpeded usage of the repository. Since version 1.5 changes in the

information contained in the Release file about the repository need to

be confirmed before APT continues to apply updates from this

repository.

Note: All APT-based package management front-ends like apt-get(8),

aptitude(8) and synaptic(8) support this authentication feature, so

this manpage uses APT to refer to them all for simplicity only.

首先阅读一下apt-secure的描述,读完之后我们可以知道,之所以一直更新不成功,是因为没有签名或者是有签名但是apt没有对应的key的package是不被信任的,安全起见,默认是不会采用这种源来进行更新的

继续往下阅读

UNSIGNED REPOSITORIES

If an archive has an unsigned Release file or no Release file at all

current APT versions will refuse to download data from them by default

in update operations and even if forced to download front-ends like

apt-get(8) will require explicit confirmation if an installation

request includes a package from such an unauthenticated archive.

You can force all APT clients to raise only warnings by setting the

       configuration option Acquire::AllowInsecureRepositories to true.

Individual repositories can also be allowed to be insecure via the

sources.list(5) option allow-insecure=yes. Note that insecure

repositories are strongly discouraged and all options to force apt to

continue supporting them will eventually be removed. Users also have

the Trusted option available to disable even the warnings, but be sure

to understand the implications as detailed in sources.list(5).

第二段的标题正是没有签名的仓库,这正是我们需要的说明
You can force all APT clients to raise only warnings by setting the
configuration option Acquire::AllowInsecureRepositories to true.

这句话就是解决问题的关键,虽然国内的源没有签名,或者签名过期(失效),但是我们可以强制apt进行更新,忽略仓库的安全性,而想要达到这个目的,我们就需要对APT的配置文件进行修改
我搜索了apt.conf这个关键字,但相关网页都是英文的,硬着头皮读完之后发现我的kali中并没有apt.conf文件,在我的/etc/apt目录下,只有一个apt.conf.d目录,cd进该目录:

那么多配置文件,我也不知道到底该改哪一个,然后又去百度了一会儿,看到了这篇文章
https://wiki.debian.org/AptConf

然后我就抱着试一试的心态打开了70debconf文件,按照前面man文档的指导,在里面输入了Acquire::AllowInsecureRepositories “true”;
然后执行apt-config dump,查看apt的对应配置有无生效

Acquire::AllowInsecureRepositories的属性值由最初的”0”变成了”true”
说明更改配置成功,然后赶紧敲入apt-get update && apt-get upgrade

原文地址:https://www.cnblogs.com/haozheyu/p/9212245.html

时间: 2024-11-02 23:30:02

Kali的源得数字验证问题的相关文章

kali 更新源

个人收集的kali 更新源: 修改更新源: vim /etc/apt/sources.list 更新源列表包: #apt-get update 更新系统软件: #apt-get upgrade #官方源 deb http://http.kali.org/kali kali main non-free contrib deb-src http://http.kali.org/kali kali main non-free contrib deb http://security.kali.org/k

Atitit  验证 数字验证 非空验证的最佳算法  h5

Atitit  验证 数字验证 非空验证的最佳算法  h5 <td><select class="searchBox-select"   style="height:25px;" id2="branch_id" id="objid" name="objid" required  > <option value="">--物品</option>

Debian 8添加kali更新源并安装metasploit

一.Debian 8添加kali更新源 中科大kali更新源: deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib 1.通过vim或者可视化文本编辑器将以上更新源添加到"/etc/apt/sources.list"文件中 2.执行命令更新可安装列表

图文验证码—数字验证技术

验证码—数字验证技术 在Java中,提供了一种可以生成随机数据的类,那就是java.util.Random类.在使用该类时,需要通过实例化一个Random对象创建一个随机数据生成器,其语法格式如下: Random r=new Rnadom(); 其中,r是指定Random对象. 以这种方式实例化对象时,Java编译器以系统当前时间作为随机数生成器的种子,因为每时每刻的时间不可能相同,所以产生的随机数也将不同,但是如果运行速度太快,也会产生两次运行结果相同的随机数.这时,可以在实例化Random对

kali 软件源 包含virtualbox所需头文件

# deb cdrom:[Debian GNU/Linux 7.0 _Kali_ - Official Snapshot i386 LIVE/INSTALL Binary 20130905-08:50]/ kali contrib main non-free #deb cdrom:[Debian GNU/Linux 7.0 _Kali_ - Official Snapshot i386 LIVE/INSTALL Binary 20130905-08:50]/ kali contrib main

Java杂谈之正则表达式--日期,邮箱,数字验证

当我们判断数据的格式是否符合规范的时候,一般会采用两种方式: 一种是if...else不断的嵌套或者if...else并排判断的方式 (这两者代表以条件正确为前提还是以条件错误为前提的) 另一种就是正则表示式. 字符串匹配给正则表达式:boolean matches(Stirng regex) 用法:String.matches(regex) 当然可以说if...else是万能的,正则表达式是有局限的,不能过分依赖,它只是解决问 题的一种手段而已,并不是必要的. 但往往用正确的使用正则表达式能让

几个有用的javascript(日期比较,数字验证,数字和汉字长度计算)

1:日期大Js代码 Js代码   //人员失效职位日期是否小于组织失效日期 function perDateInvalidate(){ var flag = true; //组织失效日期 var orgDate = stringToTime(document.getElementById("orgDate").value); //人员失效日期 var personDate = stringToTime(document.getElementById("personDate&q

jquery纯数字验证

$(document).ready(function(){  //纯数字验证,只让输入数字,比如-号等都不然输入.  $('#user-defined').unbind();  $('#user-defined').bind('keyup change',function () {    $(this).val($(this).val().replace(/\D/g,''));}); });

用正则表达式对常用字符数字验证

1:用正则表达式验证电话号码 /// <summary> /// 验证电话号码格式是否正确 /// </summary> /// <param name="str_telephone">电话号码信息</param> /// <returns>方法返回布尔值</returns> public bool IsTelephone(string str_telephone) { return System.Text.Reg