error message 'gpg: no valid OpenPGP data found'

[nick1981]

Hi,

When trying to execute:

sudo curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -

I get the error messages:

gpg: WARNING: nothing exported
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
Error executing command, exiting

These error messages are shown after this command:

## Adding the NodeSource signing key to your keyring...
+ curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -

My linux version:

Linux debian94 4.9.0-6-amd64 #1 SMP Debian 4.9.88-1+deb9u1 (2018-05-07) x86_64 GNU/Linux

Here is the full output:

~$ sudo curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -

## Installing the NodeSource Node.js 10.x repo...


## Populating apt-get cache...

+ apt-get update
Hit:1 http://security.debian.org stretch/updates InRelease
Ign:2 http://ftp.us.debian.org/debian stretch InRelease
Hit:3 http://ftp.us.debian.org/debian stretch-updates InRelease
Hit:4 http://ftp.us.debian.org/debian stretch Release
Get:6 http://linux.teamviewer.com/deb stable InRelease [9,357 B]
Ign:7 http://dl.google.com/linux/chrome/deb stable InRelease             
Ign:6 http://linux.teamviewer.com/deb stable InRelease                   
Get:8 http://linux.teamviewer.com/deb preview InRelease [9,358 B]
Get:9 http://dl.google.com/linux/chrome/deb stable Release [1,189 B]
Ign:8 http://linux.teamviewer.com/deb preview InRelease       
Get:10 http://dl.google.com/linux/chrome/deb stable Release.gpg [819 B]
Ign:10 http://dl.google.com/linux/chrome/deb stable Release.gpg
Hit:11 http://dl.google.com/linux/chrome/deb stable/main amd64 Packages
Ign:11 http://dl.google.com/linux/chrome/deb stable/main amd64 Packages
Hit:11 http://dl.google.com/linux/chrome/deb stable/main amd64 Packages
Fetched 20.7 kB in 9s (2,121 B/s)
Reading package lists... Done
W: http://security.debian.org/dists/stretch/updates/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: http://ftp.us.debian.org/debian/dists/stretch-updates/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: http://ftp.us.debian.org/debian/dists/stretch/Release.gpg: The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: http://linux.teamviewer.com/deb/dists/stable/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: GPG error: http://linux.teamviewer.com/deb stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY C5E224500C1289C0
W: The repository 'http://linux.teamviewer.com/deb stable InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: http://linux.teamviewer.com/deb/dists/preview/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: GPG error: http://linux.teamviewer.com/deb preview InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY C5E224500C1289C0
W: The repository 'http://linux.teamviewer.com/deb preview InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: http://dl.google.com/linux/chrome/deb/dists/stable/Release.gpg: The key(s) in the keyring /etc/apt/trusted.gpg are ignored as the file is not readable by user '_apt' executing apt-key.
W: GPG error: http://dl.google.com/linux/chrome/deb stable Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 1397BC53640DB551
W: The repository 'http://dl.google.com/linux/chrome/deb stable Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

## Confirming "stretch" is supported...

+ curl -sLf -o /dev/null 'https://deb.nodesource.com/node_10.x/dists/stretch/Release'

## Adding the NodeSource signing key to your keyring...

+ curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add -
gpg: WARNING: nothing exported
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
Error executing command, exiting

Could anyone please help?

[chrislea]

Can you see the file:

https://deb.nodesource.com/gpgkey/nodesource.gpg.key

from the target machine?

[chrislea]

The error you're seeing @nmaludy is coming from the libuv package in the EPEL repository. We don't have any control over that.

[jhermann]

One part of the puzzle is to install "ca-certificates" into minimal environments (e.g. stripped-down docker base images) before the curl call.

Full example: https://github.com/1and1/debianized-jupyterhub/blob/156af2a5564bc1a42513bb3180c33aa9563e4bad/Dockerfile.run#L22-L33

[chrislea]

Yes, you need ca-certificates to communicate with things securely. Closing.