Brave Browser Lost Public Key

Support and Help
1

Lubuntu 24.04 LTS (uncertain if this is Lubuntu specific)

Is there a way to keep the public key updated?

```
```
wyatt@wyatt-82xb:~$    sudo /home/wyatt/Desktop/Upd-Upg.sh
[sudo] password for wyatt:           
W: GPG error: https://brave-browser-apt-release.s3.brave.com stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0686B78420038257
E: The repository 'https://brave-browser-apt-release.s3.brave.com stable InRelease' is not signed.
wyatt@wyatt-82xb:~$ 
```
```
2

Take a look at https://brave.com/linux/#release . The second command in the the block titled ‘Debian, Ubuntu, Mint’ is the command to download the key. (first command: install curl, second command: get the key(s), third command: get a repository description for apt, fourth command: update local apt database from repositories, fifth command: install brave)

4 Likes
3

Exactly this! It’s a little surprising this wasn’t caught by Brave, but then again life happens!

4

I just learned the below about my hardware setup.
I’m almost thinking that I’m gonna need to change my whole set up around.
If I am indeed using the “experimental arm64 image”, I may need to switch to “stable” or “release”.

If I need to switch, should I do the above steps after switching or should it matter?

5

I think that is a misunderstanding on your part. The Thinkpad X13s is a machine with an Arm-based Qualcomm Snapdragon Processor (that means it uses a processor that’s not even remotely compatible with Intel / AMD X86; you usually find ARM-Processors in Smartphones or on single board computers (e.g. raspberry pie,although that uses an ARM design manufactured by Broadcomm)) and it’s known to have a problem with low volume. Unless you have the same processor in your Ideapad (not impossible, there’s for example the ‘IdeaPad 5x Slim’ and some of the ‘Yoga’ line of devices) and similar sound hardware, the fix in the article you’re quoting is very unlikely to work on your device.

… And since I started writing this you posted the output of ‘lshw’ for your machine in the other thread, so now I’m certain that you don’t have a Snapdragon processor …

6

Does that mean I can safely proceed with the provided Brave guidance?

7

As far as I know you can.

1 Like
8

How can I ensure the key(s) and other things stay “current”?

Release vs Nightly:

How to learn which one my Lubuntu machine will be “happiest” with?

9

It looks like I didn’t do something correctly.
Was I supposed to do something before running commands on that page, like…


sudo apt-get autopurge *brave-browser



wyatt@wyatt-82xb:~$    sudo /home/wyatt/Desktop/Upd-Upg.sh > /home/wyatt/Desktop/Upd-Upg.txt
[sudo] password for wyatt:           
W: Target Packages (main/binary-amd64/Packages) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target Packages (main/binary-all/Packages) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target Translations (main/i18n/Translation-en_US) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target Translations (main/i18n/Translation-en) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target DEP-11 (main/dep11/Components-amd64.yml) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target DEP-11 (main/dep11/Components-all.yml) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target DEP-11-icons-small (main/dep11/icons-48x48.tar) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target DEP-11-icons (main/dep11/icons-64x64.tar) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target DEP-11-icons-hidpi (main/dep11/icons-64x64@2.tar) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target DEP-11-icons-large (main/dep11/icons-128x128.tar) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target CNF (main/cnf/Commands-amd64) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target CNF (main/cnf/Commands-all) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target Packages (main/binary-amd64/Packages) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target Packages (main/binary-all/Packages) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target Translations (main/i18n/Translation-en_US) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target Translations (main/i18n/Translation-en) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target DEP-11 (main/dep11/Components-amd64.yml) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target DEP-11 (main/dep11/Components-all.yml) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target DEP-11-icons-small (main/dep11/icons-48x48.tar) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target DEP-11-icons (main/dep11/icons-64x64.tar) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target DEP-11-icons-hidpi (main/dep11/icons-64x64@2.tar) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target DEP-11-icons-large (main/dep11/icons-128x128.tar) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target CNF (main/cnf/Commands-amd64) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
W: Target CNF (main/cnf/Commands-all) is configured multiple times in /etc/apt/sources.list.d/brave-browser-release.list:1 and /etc/apt/sources.list.d/brave-browser-release.sources:1
wyatt@wyatt-82xb:~$
10

Those messages are coming from only two file’s not being removed during cleanup by Stacer, Bleachbit, or anything like “clean” “autoclean” “autoremove” “autopurge”.

After manually removing, I ran all cleaners and updates again, rebooted, then ran the command’s at the link provided

Now to see if the new brave-browser install is throwing those original errors. I’ll report the results in my next post.

I had to manually remove them by using

sudo rm /etc/apt/sources.list.d/brave-browser-release.sources
sudo rm /etc/apt/sources.list.d/brave-browser-release.list

11

Can the public key and repository be maintained automicaly?

No more warnings or error’s about brave-browser stuff.
That cleaned everything up.

12

I think removing only one of them would have cleaned up the problem. They are either identical in content or both define the same repository in slightly different format. This confuses apt and makes it abort.

Regarding the questions of how to keep keys up to date: you usually don’t have to. Keys are only changed when there’s reason to believe they have in some way become compromised.

A bit of background: the key you’ve got is one half of a pair of encryption keys. This one is called the ‘public key’, the other half of the pair is the ‘private key’. Anything encrypted with one key can be decrypted with the other and vice versa. Now encryption is rather calculation intensive, so instead of encrypting all the data or all the metadata you just generate a checksum for your data and encrypt that. This encrypted checksum is called the signature. When downloading you calculate the checksum yourself and get the signature, decrypt it and compare it to the calculated checksum. If those match, you can be reasonably sure that the downloaded data hasn’t changed since the signature was created. For various reasons the packages themselves aren’t signed, but the metadata you download when doing an ‘apt update’ is. So the only reason to change the key(s) is either loss of the private key or a compromise i.e. somehow someone else got a copy of the private key and can impersonate the maintainer of the archive. These things happen very rarely.

1 Like
13

So which one is best to remove, sources or list? Or does it not matter?

14

On my better 1/2’s Lubuntu, sources returned the “No such file or directory” message.

However, running the “list” command, then running cleaners, updates and upgrades did the trick.

Marking this thread as solved.

15

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.