
<html>

  <head>

    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">

  </head>

  <body>

    <p>Hello, I am using Linux Mint 20.2 Uma 64-bit with Mate desktop on

      my computer. Today I updated the machine in terminal as superuser

      by passing the following command <b>apt-get update &&

        apt-get upgrade </b>. <br>

    </p>

    <p>1. I received the following invalid signature key message output

      as follows:<br>

    </p>

    Ign:1 <a class="moz-txt-link-freetext" href="http://packages.linuxmint.com">http://packages.linuxmint.com</a> uma InRelease<br>

    Hit:2 <a class="moz-txt-link-freetext" href="http://packages.linuxmint.com">http://packages.linuxmint.com</a> uma

    Release                                <br>

    Hit:3 <a class="moz-txt-link-freetext" href="http://security.ubuntu.com/ubuntu">http://security.ubuntu.com/ubuntu</a> focal-security

    InRelease               <br>

    Hit:4 <a class="moz-txt-link-freetext" href="http://archive.ubuntu.com/ubuntu">http://archive.ubuntu.com/ubuntu</a> focal

    InRelease                         <br>

    Hit:5 <a class="moz-txt-link-freetext" href="http://archive.canonical.com/ubuntu">http://archive.canonical.com/ubuntu</a> focal

    InRelease                      <br>

    Hit:6 <a class="moz-txt-link-freetext" href="http://ppa.launchpad.net/sane-project/sane-release/ubuntu">http://ppa.launchpad.net/sane-project/sane-release/ubuntu</a>

    focal InRelease<br>

    Hit:7 <a class="moz-txt-link-freetext" href="https://repo.skype.com/deb">https://repo.skype.com/deb</a> stable

    InRelease                              <br>

    Hit:8 <a class="moz-txt-link-freetext" href="http://archive.ubuntu.com/ubuntu">http://archive.ubuntu.com/ubuntu</a> focal-updates

    InRelease                 <br>

    Hit:10 <a class="moz-txt-link-freetext" href="http://archive.ubuntu.com/ubuntu">http://archive.ubuntu.com/ubuntu</a> focal-backports InRelease<br>

    Get:11

    <a class="moz-txt-link-freetext" href="http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04">http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04</a> 

    InRelease [1,509 B]<br>

    Err:11

    <a class="moz-txt-link-freetext" href="http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04">http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04</a> 

    InRelease<br>

      The following signatures were invalid: EXPKEYSIG 23E07629B9E3C9E4

    home:pzz OBS Project <a class="moz-txt-link-rfc2396E" href="mailto:home:pzz@build.opensuse.org"><home:pzz@build.opensuse.org></a><br>

    Reading package lists... Done<br>

    W: GPG error:

    <a class="moz-txt-link-freetext" href="http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04">http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04</a> 

    InRelease: The following signatures were invalid: EXPKEYSIG

    23E07629B9E3C9E4 home:pzz OBS Project

    <a class="moz-txt-link-rfc2396E" href="mailto:home:pzz@build.opensuse.org"><home:pzz@build.opensuse.org></a><br>

    E: The repository

    '<a class="moz-txt-link-freetext" href="http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04">http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04</a> 

    InRelease' is not signed.<br>

    N: Updating from such a repository can't be done securely, and is

    therefore disabled by default.<br>

    N: See apt-secure(8) manpage for repository creation and user

    configuration details.<br>

    <p><br>

    </p>

    <p>2. I am using the openSUSE build service to aquire a prebuilt

      binary package of sane-airscan and have the following sources

      entry added in Update Manager -> Software Sources -> deb

      <a class="moz-txt-link-freetext" href="http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04/">http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04/</a>

      /</p>

    <p>3. I typically update the desktop here every few days and have

      had no signature issues for quite some time.</p>

    <p>4. I did attempt the following by using GUI: Update Manager ->

      Software Sources -> Maintenance -> Add missing keys <br>

    </p>

    <p>5. I then attempted to once again update APT cache within update

      manager (not bash terminal this time) with the following error

      output: <b>Failed to download repository information </b>the

      following dialog is shown below this message -> W:GPG error:

      <a class="moz-txt-link-freetext" href="http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04">http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04</a> 

      InRelease: The following signatures were invalid: EXPKEYSIG

      23E07629B9E3C9E4 home:pzz OBS Project

      <a class="moz-txt-link-rfc2396E" href="mailto:home:pzz@build.opensuse.org"><home:pzz@build.opensuse.org></a>, E:The repository

      '<a class="moz-txt-link-freetext" href="http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04">http://download.opensuse.org/repositories/home:/pzz/xUbuntu_20.04</a> 

      InRelease' is not signed.</p>

    <p>I am wondering of what is the best step to proceed with this

      matter? I understand that I could possibly disable the repository

      quite easily in update manager. Then I would no longer receive

      updates for sane-airscan though. I thank you for help with this if

      able.</p>

    <p>-Best Wishes<br>

    </p>

  </body>

</html>