I recently came across the (incredibly frustrating) error message
Updating from such a repository can't be done securely while trying to run
apt-get update on an Ubuntu 18.04 LTS installation. Everything was working fine on Ubuntu 16.04.5. It turns out that newer version of
apt (1.6.3) on Ubuntu 18.04.1 is stricter with regards to signed repositories than Ubuntu 16.04.5 (
Here’s an example of the error while trying to communicate with the Wazuh repository:
Reading package lists… Done
E: Failed to fetch https://packages.wazuh.com/apt/dists/xenial/InRelease 403 Forbidden [IP: 220.127.116.11 443]
E: The repository 'https://packages.wazuh.com/apt xenial InRelease' is no longer signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
After searching around, we found that this issue has already been reported to the Wazuh project, but the solution of adding
[trusted=yes] did not work for a repository that had already been added in
/etc/apt. After continued searching, the following solution was finally hit upon:
deb [allow-insecure=yes allow-downgrade-to-insecure=yes] https://packages.wazuh.com/apt xenial main
That is, rather than using
[trusted=yes] one can use
[allow-insecure=yes allow-downgrade-to-insecure=yes]. Running
apt-get update afterwards shows that the
InRelease section is ignored, and
Release is picked up:
Ign:7 https://packages.wazuh.com/apt xenial InRelease
Hit:8 https://packages.wazuh.com/apt xenial Release
Note that this is obviously a temporary solution, and should only be applied to a misbehaving repository! If you’re so inclined, upvote the Wazuh GitHub issue, as a fix at the repository level would be nice.