Ghostboard pixel
Latest news
Development Updates

Kali Linux Users Need to do This Right Away!

Kali Linux users need to take note.

Sourav Rudra
kali linux logo on left, apt illustration with a box and a key on the right
2 min read

There aren't many rolling release distros that are designed for penetration testing, ethical hacking, and digital forensics.

Kali Linux caters to this niche by being a purpose-built distro with a wide arsenal of security tools, allowing cybersecurity professionals and enthusiasts to perform penetration testing.

The people behind it recently shared an important development that affects all Kali Linux users.

What's Happening: The Kali Linux team has lost access to their previous repository signing key, which was used to verify the authenticity of packages during updates. As a result, in the coming days, running apt update is going to fail for all Kali Linux users out there.

They have already generated a new key, which has most likely gone through extensive testing and validation so that users don't have a bad experience when migrating.

How to Fix: Mending this impending issue is easy; you just have to add the new signing key to your Kali Linux keyring.

You can either run this in the terminal:

sudo wget https://archive.kali.org/archive-keyring.gpg -O /usr/share/keyrings/kali-archive-keyring.gpg

Or, this, if you prefer curl:

sudo curl https://archive.kali.org/archive-keyring.gpg -o /usr/share/keyrings/kali-archive-keyring.gpg

The video below shows the wget method. 👇

0:00
/0:10

After you are done, you should verify that the updated keyring contains both the old signing key: ED444FF07D8D0BF6 and the new signing key: ED65462EC8D5E4C5. The old one is around because it was never compromised, and it is there to make sure there is no breakage with packages signed with it.

Lastly, run sudo apt update to see if it throws any errors.

verifying the newly added signing key and running sudo apt update without errors on kali linux

Alternatively, you can download the 2025.1c image or the weekly Kali Linux images (2025-W17 and later) to get the new signing key. These images are identical to the previous releases, but with this new change.

Kali Linux

If you want to verify whether the new key is legit, then you can visit the Ubuntu OpenPGP Keyserver.

Suggested Read 📖

9 Best Rolling Release Linux Distributions
Want to get your hands on the latest and greatest of Linux kernel and software? Here are a few recommendations on best rolling release Linux distributions.
It's FOSSAbhishek Prakash
🎗️
Here's why you should opt for It's FOSS Plus Membership:

- Even the biggest players in the Linux world don't care about desktop Linux users. We do.
- We don't put informational content behind paywall. Your support keeps it open for everyone. Think of it like 'pay it forward'.
- Don't like ads? With the Plus membership, you get an ad-free reading experience.
- When millions of AI-generated content is being published daily, you read and learn from real human Linux users.
- It costs just $2 a month, less than the cost of your favorite burger.

Become a Plus Member today and join over 300 people in supporting our work.
Published in: Development Updates
Author
Sourav Rudra

Sourav Rudra

A nerd with a passion for open source software, building custom gaming rigs/workstations, motorsports, and more.

View articles

Read next

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to It's FOSS News.

Your link has expired.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.