On April 28th Kali announced the rolling of a new signing key for the Kali repository. As a result, any existing installation will fail with the error GPG Error, the repository is not signed, when trying to update the repositories using the sudo apt update command:
Err:1 http://kali.download/kali kali-rolling InRelease
The following signatures couldn't be verified because the public key is not
available: NO_PUBKEY ED65462EC8D5E4C5
Warning: GPG error: http://kali.download/kali kali-rolling InRelease: The fol
lowing signatures couldn't be verified because the public key is not availabl
e: NO_PUBKEY ED65462EC8D5E4C5
Error: The repository 'http://http.kali.org/kali kali-rolling InRelease' is n
ot signed.
Notice: Updating from such a repository can't be done securely, and is theref
ore disabled by default.
Notice: See apt-secure(8) manpage for repository creation and user configurat
ion details.
Notice: Repository 'Kali Linux' changed its 'firmware component' value from
non-free' to 'non-free-firmware'
Notice: More information about this can be found online at: https://ww.kali.
org/blog/non-free-firmware-transition/As stated on the official blog, to fix this issue, the new key should be manually installed using the following command:
sudo wget https://archive.kali.org/archive-keyring.gpg -O /usr/share/keyrings/kali-archive-keyring.gpgThis is the only required action. After that, sudo apt update will function as it did before.
