Docker: How to solve the public key error in ubuntu while installing docker

Question

I am getting the below error message when running the below command for installing docker and kubernetes in Ubuntu server.

root@master:/home/ubuntu# add-apt-repository \
>   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
>   $(lsb_release -cs) \
>   stable"
Hit:1 http://in.archive.ubuntu.com/ubuntu bionic InRelease
Get:2 https://download.docker.com/linux/ubuntu bionic InRelease [64.4 kB]
Hit:3 http://in.archive.ubuntu.com/ubuntu bionic-updates InRelease
Hit:4 http://in.archive.ubuntu.com/ubuntu bionic-backports InRelease
Hit:5 http://in.archive.ubuntu.com/ubuntu bionic-security InRelease
**Err:2 https://download.docker.com/linux/ubuntu bionic InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7EA0A9C3F273FCD8**
Reading package lists... Done
W: GPG error: https://download.docker.com/linux/ubuntu bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7EA0A9C3F273FCD8
**E: The repository 'https://download.docker.com/linux/ubuntu bionic InRelease' is not signed.**
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
root@master:/home/ubuntu#

I have also ran the below command but no luck

root@master:/# sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7EA0A9C3F273FCD8
Executing: /tmp/apt-key-gpghome.rDOuMCVLF2/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 7EA0A9C3F273FCD8
gpg: keyserver receive failed: No keyserver available

Answer 1

I had this exact problem. I believe it was caused by my default umask, which caused some of the Docker files to be installed with incorrect permissions. I was able to fix it by correcting the file permissions the docker key file:

sudo chmod a+r /usr/share/keyrings/docker-archive-keyring.gpg

Answer 2

EDIT: This apparently does not work any more.

Run this to add the correct key:

# Does not work any more
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

Source: https://docs.docker.com/install/linux/docker-ce/ubuntu/

Answer 3

There is issue with Debian Testing (bullseye):

Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).

But can be solved with:

 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Answer 4

First , add key to /usr/share/keyrings/docker-archive-keyring.gpg by command:

sudo curl -fsSL "https://download.docker.com/linux/ubuntu/gpg" | sudo gpg --dearmor --yes -o /usr/share/keyrings/docker-archive-keyring.gpg

Second , update permissions for it:

sudo chmod a+r /usr/share/keyrings/docker-archive-keyring.gpg

Answer 5

Make sure /usr/share/keyrings/docker-archive-keyring.gpg is global readable.

# ls -l /usr/share/keyrings/docker-archive-keyring.gpg
-rw-rw---- 1 root root 2760 Aug 17 06:46 /usr/share/keyrings/docker-archive-keyring.gpg
strace -f apt update 2>&1 | grep docker-archive-keyring
[pid  9453] faccessat(AT_FDCWD, "/usr/share/keyrings/docker-archive-keyring.gpg", R_OK) = -1 EACCES (Permission denied)
# chmod o+r /usr/share/keyrings/docker-archive-keyring.gpg
# strace -f apt update 2>&1 | grep docker-archive-keyring
[pid  9772] faccessat(AT_FDCWD, "/usr/share/keyrings/docker-archive-keyring.gpg", R_OK) = 0
[pid  9795] openat(AT_FDCWD, "/usr/share/keyrings/docker-archive-keyring.gpg", O_RDONLY) = 4
[pid  9795] access("/usr/share/keyrings/docker-archive-keyring.gpg", F_OK) = 0
[pid  9795] access("/usr/share/keyrings/docker-archive-keyring.gpg", R_OK) = 0
[pid  9795] openat(AT_FDCWD, "/usr/share/keyrings/docker-archive-keyring.gpg", O_RDONLY) = 6
[pid  9795] openat(AT_FDCWD, "/usr/share/keyrings/docker-archive-keyring.gpg", O_RDONLY) = 7
[pid  9795] openat(AT_FDCWD, "/usr/share/keyrings/docker-archive-keyring.gpg", O_RDONLY) = 8

Answer 6

from: https://docs.docker.com/engine/install/ubuntu/ It works in ubuntu 20.04

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo \
  "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get --assume-yes install docker-ce docker-ce-cli containerd.io

Answer 7

If you did followed the Install Docker Engine on Ubuntu steps, Please see your permissions file /usr/share/keyrings/ .

It should be -rw-r--r-- 1 root root 2.7K Sep 13 05:46 docker-archive-keyring.gpg

-rw-r--r--

I changed permissions before it -rw-r----- into -rw-r--r-- by using this command

sudo chmod o+r /usr/share/keyrings/docker-archive-keyring.gpg

And then check it by using apt update, it's working for me.

Answer 8

Here's the error

W: GPG error: https://download.docker.com/linux/ubuntu bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7EA0A9C3F273FCD8

Copy the key that follows NO_PUBKEY and do

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys <the key>

Make sure you replace <the key> with the key you copied
And then run your command again

Answer 9

For 22.04 I had to do:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/docker.gpg

specifically, get the output to go to /etc/apt/trusted.gpg.d/docker.gpg

Answer 10

Ubuntu 20.04, this is what you should do:

echo \ "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

INSTEAD OF

echo \"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

On the docker website , this line got updated and /usr/share/keyrings/docker-archive-keyring.gpg became /etc/apt/keyrings/docker.gpg .

Answer 11

I was experiencing this issue while installing docker in Ubuntu 22.04. While I did not take the time to understand what I was missing, I found this link to have helped with this. Install docker in ubuntu 22.04

Answer 12

In my case, I was using a non-supported OS version of Ubuntu (14.04.6 LTS). Make sure to compare your OS version with the supported version as mentioned here https://docs.docker.com/engine/install/ubuntu/#os-requirements

Answer 13

I ended up here because I was trying to install Docker on Ubuntu 22.04.1 by adding their repo to the apt config. I was setting up an ansible playbook to do this.

Like many others above, I was having problems with the The following signatures couldn't be verified because the public key is not available: NO_PUBKEY...** error.

I eventually settled on the following piece of ansible to get the job done:

    - name: setting up docker apt repo
      block:
        - name: get docker gpg key
          become: true
          get_url:
            url: https://download.docker.com/linux/ubuntu/gpg
            dest: /usr/share/keyrings/docker-archive-keyring-armored.gpg
        - name: CMD - process docker key
          become: true
          shell:
            cmd: cat /usr/share/keyrings/docker-archive-keyring-armored.gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
        - name: configure docker apt source
          become: true        
          apt_repository:
            repo: "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
            state: present

Putting this here for the next poor sod that wants to make this go.