Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
4092
Views
9
Helpful
17
Comments

Heads-up: GPG key for Duo Unix will be updated June 2, 2022

timshores1
Level 1
Level 1

on ‎06-01-2022 12:48 PM

Hello!

On June 2, 2022, we will update the GPG key used to sign Duo Unix distribution packages to improve the strength and security of our package signatures. If you are currently using this application, the next time that you upgrade the Duo Unix package on or after June 6th via yum, dnf, apt, or apt-get, you will also have to update the key.

Depending on which distribution of Unix you are using, you will need to run the following command during the application upgrade process to update the GPG key.

CentOS, Fedora and Red Hat Enterprise Linux (RHEL)
rpm --import https://duo.com/DUO-GPG-PUBLIC-KEY.asc

Ubuntu 18.04 and 20.04 and Debian
curl -s https://duo.com/DUO-GPG-PUBLIC-KEY.asc | sudo apt-key add -

Ubuntu 22.04:
curl -s https://duo.com/DUO-GPG-PUBLIC-KEY.asc | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/duo.gpg

These are the same commands that must be run to import Duo’s GPG signing keys for a new installation of Duo Unix.

This key change does not impact deprecated OS versions such as Debian 8 or CentOS 6.

If you are currently running Duo Unix and try to upgrade to the latest version without updating the GPG key, you will see an error similar to the following.

Example error when using apt update

W: GPG error: https://pkg.duosecurity.com/Debian jessie Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY …

Example error when using yum install duo_unix or dnf install duo_unix

Public key for duo_unix-1.12.1-0.el9.x86_64.rpm is not installed

The downloaded packages were saved in cache until the next successful transaction.

You can remove cached packages by executing 'yum clean packages'.

Error: GPG check FAILED

Let us know if you have any questions about this!

Comments
amiguel
Level 1
Level 1
‎09-15-2022 10:59 AM

We been able to get around this issue I have, by downloading the rpm manually, disabling /etc/yum.repos.d/duosecurity.repo and running the install with the downloaded rpm. I still would like to maybe know why doing the install with the repo does not work.

amiguel
Level 1
Level 1
‎09-22-2022 06:01 AM

There seems to be still an issue with the GPG key. We are also getting this error " error: https://duo.com/DUO-GPG-PUBLIC-KEY.asc: key 1 not an armored public key" in doing installs on RHEL 6. Any thoughts?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links
     
                  Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents