
The renowned penetration testing distro Kali Linux recently issued a warning, advising users to manually install the repository signing key to avoid update failures—a situation arising from the inadvertent loss of the old signing key, ED444FF07D8D0BF6, by its developer, Offensive Security.
Following the loss, the developers created a new key, ED65462EC8D5E4C5, using signatures from the Ubuntu OpenPGP keyserver. Since the key was lost rather than compromised, the old key remains valid and has not been revoked.
Kali Linux’s loss of its repository signing key has rendered all users unable to perform standard updates, necessitating the manual installation of the new key.
Offensive Security disclosed that the Kali Linux repository was frozen on February 18, 2025, likely marking the time of the key’s loss. In the coming days, nearly all Kali Linux systems will encounter update failures, with errors indicating the absence of key 827C8569F2518CC677FECA1AED65462EC8D5E4C5—essential for verifying repository signatures.
To prevent disruption, users must manually download and install the newly generated signing key. Only by doing so can they ensure the continuity of updates; otherwise, Kali Linux systems may be unable to install future packages, exposing them to potential security risks.
Offensive Security has also provided detailed guidance on verifying checksum matches and inspecting the updated keyring. For those who are hesitant to manually update the keyring, it is recommended to reinstall Kali Linux using an updated image embedded with the new key.
It is worth noting that this is not the first instance of such an issue. In 2018, Kali Linux developers allowed a GPG key to expire, similarly requiring users to manually update their keys to maintain update functionality. However, at that time, the issue stemmed from key expiration due to infrequent updates, rather than key loss, leading to mismatches within the keyring.
OffSec recommends manually downloading and installing the new repository signing key with this command to prevent update problems:
sudo wget https://archive.kali.org/archive-keyring.gpg -O /usr/share/keyrings/kali-archive-keyring.gpg
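The one-line command above writes the download straight into the system keyring. The script below stages the file first and applies the two checks the article mentions (checksum match and keyring inspection) before installing it. It is an added example, not OffSec's own script: the function names are hypothetical, and because this article does not give the published checksum, EXPECTED_SHA256 is a placeholder to be filled in from OffSec's announcement.

```shell
#!/bin/sh
# Added example: stage the new Kali keyring, verify it, then install it.
KEY_URL="https://archive.kali.org/archive-keyring.gpg"      # from the article
KEY_DEST="/usr/share/keyrings/kali-archive-keyring.gpg"     # from the article
NEW_FPR="827C8569F2518CC677FECA1AED65462EC8D5E4C5"          # from the article
# Placeholder (assumption): set this to the SHA-256 OffSec publishes.
EXPECTED_SHA256="${EXPECTED_SHA256:-REPLACE_WITH_PUBLISHED_SHA256}"

# sha256_matches FILE HEX: succeed only if FILE hashes to HEX (any case).
sha256_matches() {
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -n "$actual" ] && [ "$actual" = "$want" ]
}

# has_fingerprint FPR: read `gpg --with-colons` output on stdin; succeed only
# if some fpr record carries exactly FPR (field 10), not a short key ID or
# a substring. Appending "" forces string comparison in awk.
has_fingerprint() {
    awk -F: -v want="$1" '
        $1 == "fpr" && ($10 "") == (want "") { found = 1 }
        END { exit !found }'
}

# install_keyring: download to a temp file, run both checks, then copy the
# file into place. A failed check leaves the current keyring untouched.
install_keyring() {
    tmp=$(mktemp) || return 1
    if wget -q "$KEY_URL" -O "$tmp" &&
       sha256_matches "$tmp" "$EXPECTED_SHA256" &&
       gpg --show-keys --with-colons "$tmp" | has_fingerprint "$NEW_FPR"
    then
        sudo install -m 0644 -o root -g root "$tmp" "$KEY_DEST"
        rc=$?
    else
        echo "keyring failed verification; nothing installed" >&2
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Run only when asked to, so the functions can be sourced and tested offline.
if [ "${1:-}" = "--install" ]; then
    install_keyring
fi
```

Run it as `EXPECTED_SHA256=<published value> sh script.sh --install`; with the placeholder left in, the checksum step fails and nothing is written.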