Debian Package Management Cheat Sheet

  • List version of an installed package: dpkg -s docker-ce | grep Version
  • Show all available versions of a package: apt-cache madison <package>

Packages being held back because of phasing

Run the following command replacing the package in question

apt-get --with-new-pkgs upgrade <package-name

The following packages have been kept back

Try the following, in order. Each is less risky than the next. Stop as soon as you have fixed the problem.

Solution 1

apt-get --with-new-pkgs upgrade <list of packages kept back
Continue reading “Debian Package Management Cheat Sheet”

[SOLVED] debsig-verify for Failed verification error, “signatures using the SHA1 algorithm are rejected” and “Can’t check signature: Invalid digest algorithm”

If you are using debsig-verify for the verification of a downloaded .deb file and are unable to verify it, run it with the -d option to get more information. If you see the following two lines

gpg: Note: signatures using the SHA1 algorithm are rejected
gpg: Can't check signature: Invalid digest algorithm

It is likely that the PGP signature used to sign the package uses the SHA1 algorithm which has been deprecated in most of the recent Linux distros. If → Continue reading “[SOLVED] debsig-verify for Failed verification error, “signatures using the SHA1 algorithm are rejected” and “Can’t check signature: Invalid digest algorithm””