Update Expired GPG Keys

Package Upgrade from Cumulus Linux 5.5.0 or Earlier to 5.8.0

Issue

When you try to upgrade a switch from Cumulus Linux 5.5.0 or earlier to 5.8.0 with package upgrade, you see errors for expired GPG keys that prevent you from upgrading:

W: GPG error: http://apt.cumulusnetworks.com/repo CumulusLinux-5-latest InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 191184DAB33070E2

Resolution

Install the new keys, then upgrade the switch:

cumulus@switch:~$ wget https://download.nvidia.com/cumulus/apt.cumulusnetworks.com/repo/pool/cumulus/c/cumulus-archive-keyring/cumulus-archive-keyring_4-cl5.6.0u5_all.deb
cumulus@switch:~$ sudo apt install ./cumulus-archive-keyring_4-cl5.6.0u5_all.deb
cumulus@switch:~$ sudo apt update
cumulus@switch:~$ sudo apt upgrade

Package Upgrade from Cumulus Linux 3.7.x to 3.7.16

Issue

When you try to upgrade a switch from Cumulus Linux 3.7.x to 3.7.16 with package upgrade, you see errors for expired GPG keys that prevent you from upgrading:

W: GPG error: http://repo3.cumulusnetworks.com CumulusLinux-3 InRelease: The following signatures were invalid: KEYEXPIRED 1522652605 KEYEXPIRED 1522652605 KEYEXPIRED 1522652605
W: GPG error: http://repo3.cumulusnetworks.com CumulusLinux-3-security-updates InRelease: The following signatures were invalid: KEYEXPIRED 1522652605 KEYEXPIRED 1522652605 KEYEXPIRED 1522652605
W: GPG error: http://repo3.cumulusnetworks.com CumulusLinux-3-updates InRelease: The following signatures were invalid: KEYEXPIRED 1522652605 KEYEXPIRED 1522652605 KEYEXPIRED 1522652605

Resolution

Download the new repository keys, then upgrade the switch:

cumulus@switch:~$ wget http://repo3.cumulusnetworks.com/public-key/repo3-2023-key
cumulus@switch:~$ sudo apt-key add repo3-2023-key
cumulus@switch:~$ sudo -E apt-get update
cumulus@switch:~$ sudo -E apt-get upgrade