access denied error

It is kind of critical and I am not sure if this is the right place to ask. Accessing is currently not possible (access denied error) and when trying to access the repo with the previously always working GPG key I get now the error that the repo is not signed. Can anyone help me out?

Hi @danielbisar
yes, the old gpg key recently expired. You can renew it in the same way you installed the old one:

curl -fsSL | sudo tee /etc/apt/trusted.gpg.d/mender.asc

You can then verify it with:

   gpg --show-keys --with-fingerprint /etc/apt/trusted.gpg.d/mender.asc

reference: Downloads | Mender documentation

About the access, it’s expected that you cannot browse it, but still, it’s accessible by the package managers.



I’m experiencing the same problem as @danielbisar. Followed your instructions and verified the key (expires 2024-10-23). But when performing apt update I get the following error:

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: ubuntu/focal/stable InRelease: The following signatures were invd: EXPKEYSIG xxxxx Mender Team

Maybe it’s related to ubuntu 20 (focal)?

Any help is very appreciated. Thanks

Hi @Dave
then you should rebuild your local repository index: can you try following steps?

sudo apt-get clean
sudo mv /var/lib/apt/lists /tmp
sudo apt-get clean
sudo apt-get update


Hi @robgio ,

I tried your instructions but unfortunately it did not resolve the problem.

Still getting errors:
W: GPG error: ubuntu/focal/stable InRelease: The following signatures were invalid: EXPKEYSIG xxxxx Mender Team
E: The repository ‘ ubuntu/focal/stable InRelease’ is not signed.

I also noticed the not signed error. Could this be the cause?

Hi @Dave ,
the repository is actually signed, here’s my local test

root@646c7a45d1b3:/# apt-get update
Hit:1 focal InRelease
Hit:2 focal-security InRelease
Hit:3 focal-updates InRelease
Hit:4 focal-backports InRelease
Get:5 ubuntu/focal/stable InRelease [3722 B]
Get:6 ubuntu/focal/stable/main amd64 Packages [1730 B]
Fetched 5452 B in 1s (4379 B/s)    
Reading package lists... Done

root@646c7a45d1b3:/# cat /etc/os-release 
VERSION="20.04.5 LTS (Focal Fossa)"

Can you list all your imported keys and verify if the new one is present? You should see at least one Mender key:

$ apt-key list
pub   rsa3072 2020-11-13 [SC] [expires: 2024-10-23]
      E6C8 5734 5575 F921 8396  5662 2407 2B80 A1B2 9B00
uid           [ unknown] Mender Team <>
sub   rsa3072 2020-11-13 [E] [expires: 2024-10-23]

If you see the old one, please remove it and import the new one again:

$ apt-key del /etc/apt/trusted.gpg.d/mender.asc
$ curl -fsSL | sudo tee /etc/apt/trusted.gpg.d/mender.asc

And verify if it matches E6C8 5734 5575 F921 8396 5662 2407 2B80 A1B2 9B00 with the following command:

$ gpg --show-keys --with-fingerprint /etc/apt/trusted.gpg.d/mender.asc

Hi @robgio,

I found the root cause of the problem. Besides mender.asc there was also an expired Mender key in /etc/apt/trusted.gpg. Removed the expired one from trusted.gpg and importing the new one resolved the issue.

Thanks for all the support.


sorry to revive the topic here- I just did the express installation according to documentation on a Debian 11 and ran into the same error.

The documentary claims :

The Mender GPG public key and APT repository will be added to your trusted APT keychain and sources list respectively without asking for confirmation.


W: The key(s) in the keyring /etc/apt/trusted.gpg.d/mender.asc are ignored as the file is not readable by user '_apt' executing apt-key.

W: GPG-Fehler: debian/bullseye/stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 24072B80A1B29B00

E: Das Depot » debian/bullseye/stable InRelease« ist nicht signiert. (is not signed.)