Signature verification error during apt update

gdavids · February 1, 2026, 7:38pm

I “upgraded” (in-place, not a re-image) from Bullseye to Trixie some months ago and have had no apparent issues until today.

When I run sudo apt update, get this error below:

Hit:5 ``https://www.flightaware.com/adsb/piaware/files/packages`` bookworm InRelease
Err:5 ``https://www.flightaware.com/adsb/piaware/files/packages`` bookworm InRelease
Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 4E49CAF6B9F2BF8FC240E4BAB931BB28DE85F0DD is not bound: No binding signature at time 2025-06-30T15:04:16Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z
All packages are up to date.
Warning: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. OpenPGP signature verification failed: ``https://www.flightaware.com/adsb/piaware/files/packages`` bookworm InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 4E49CAF6B9F2BF8FC240E4BAB931BB28DE85F0DD is not bound: No binding signature at time 2025-06-30T15:04:16Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z
Warning: Failed to fetch ``https://flightaware.com/adsb/piaware/files/packages/dists/bookworm/InRelease`` Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on 4E49CAF6B9F2BF8FC240E4BAB931BB28DE85F0DD is not bound: No binding signature at time 2025-06-30T15:04:16Z because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance because: SHA1 is not considered secure since 2026-02-01T00:00:00Z
Warning: Some index files failed to download. They have been ignored, or old ones used instead.

The flight aware sources file contains this

This file is automatically generated by the flightaware-apt-repository package

to point to the correct FlightAware repository for the currently installed Debian OS.

Any changes made to this file will be lost when flightaware-apt-repository is reconfigured.



To disable generation of this file:

purge the flightaware-apt-repository package; or

set ENABLED=no in /etc/default/flightaware-apt-repository; or

rename this file to /etc/apt/sources.list.d/flightaware-apt-repository.list.disabled

deb [ signed-by=/usr/share/keyrings/flightaware-archive-keyring.gpg ] https://flightaware.com/adsb/piaware/files/packages>

I assume my local flightaware-archive-keyring.gpg is perhaps out of date/incorrect.

Does anyone know how I can correct this error?

Thanks in advance!

Graeme

abcd567 · February 1, 2026, 10:23pm

On Raspberry Pi OS Trixie
(OS written on a blank microSD card using RPi Imager)

FLIGHTAWARE

FLIGHTRADAR24

PIAWARE FROM MY PPA AT GITHUB

Click Here: Debian 13

gdavids · February 1, 2026, 10:48pm

Thanks for looking into this. I’ve since read that Debian 13 (Trixie) considers SHA1 insecure starting 1 Feb 2026. It would seem the repository .gpg key needs updating for Trixie!

abcd567 · February 2, 2026, 2:06am

The gpg key at my Github PPA meets this requirement, hence the apt can update it without any issue, and the 64-bit (arm64 & amd64) piaware, dump1090-fa, dump978-fa and piaware-web can be installed on 64-bit (arm64 & amd64) Trixie without any problem.

abcd567 · February 2, 2026, 2:13pm

Flightradar24 has just now provided following method to download and install their updated gpg key on Trixie:

NOTE :
The 2nd command below is very long. Scroll right to see and copy it in full

sudo -s

wget -O- https://repo-feed.flightradar24.com/flightradar24.2026.pub | gpg --dearmor > /etc/apt/keyrings/flightradar24.gpg

apt-get update

FR24 New Key Data (for information only)

gdavids · February 3, 2026, 8:59am

I wonder if FlightAware will consider doing the same for the bookworm repository. My Pi is still pointing to the Bookworm repository for updates despite being on Trixie and I appreciate I now have a non-standard setup…

I’ve now extended the SHA1 acceptance policy by another 6 months on my installation in case any updates/fixes get released in that that time

Thanks again for the feedback!

abcd567 · February 3, 2026, 2:21pm

Compare the gpg Keys

(1) Flightaware CURRENT Key

(2) Flightradar24 OLD Key

(3) Flightradar24 NEW Key

Topic		Replies	Views
Issue cleaning up apt-key errors ADS-B Flight Tracking	2	1592	February 12, 2025
Repository No Longer Signed FlightAware	9	678	October 24, 2025
Raspberry Pi 3A+ Debian 9.0.1 add-on Update Error [RESOLVED] ADS-B Flight Tracking	19	1124	April 2, 2025
Error updating flightaware ADS-B Flight Tracking	4	336	May 18, 2025
PiAware Installation fails FlightAware	1	146	October 23, 2025

Signature verification error during apt update

On Raspberry Pi OS Trixie (OS written on a blank microSD card using RPi Imager)

Click Here: Debian 13

Compare the gpg Keys

Related topics

On Raspberry Pi OS Trixie
(OS written on a blank microSD card using RPi Imager)