When working with package repositories on Debian Stretch, you might encounter the frustrating "no valid OpenPGP data found" error when attempting to add GPG keys. This commonly occurs during Docker or other third-party software installations that require repository authentication.
The error typically manifests in three scenarios:
# Direct pipe method fails
curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
# Local file method fails
apt-key add docker.gpg
# Alternative key addition fails
apt-key add oracle_vbox_2016.ascBefore troubleshooting, verify your key file is intact:
# Check key structure
gpg --list-packets docker.gpg
# Verify checksum
shasum docker.gpgA valid key should show complete packet information without corruption warnings.
Try these alternative approaches when the standard methods fail:
# Method 1: Use gpg directly
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/docker-archive-keyring.gpg > /dev/null
# Method 2: Manual key installation
sudo gpg --no-default-keyring --keyring /usr/share/keyrings/docker-archive-keyring.gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 8D81803C0EBFCD88
# Method 3: Alternative download approach
wget https://download.docker.com/linux/debian/gpg
gpg --import gpgEnsure your system has the necessary components:
# Verify gpg installation
dpkg -l gnupg
# Check dirmngr status
systemctl status dirmngr
# Test keyserver connectivity
gpg --keyserver hkp://keyserver.ubuntu.com --send-keys 8D81803C0EBFCD88After successfully adding the key, configure your repository properly:
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] \
https://download.docker.com/linux/debian \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.listConfirm everything works with:
sudo apt-get update
apt-cache policy docker-ceWhen working with Debian Stretch, you might encounter the frustrating error message when trying to add GPG keys:
gpg: no valid OpenPGP data found
gpg: Total number processed: 0This typically happens when running commands like:
curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -or when trying to add local GPG key files.
First, let's verify whether the key itself is valid. The Docker GPG key should look like this when examined:
$ gpg --list-packets docker.gpg
:public key packet:
version 4, algo 1, created 1487788586, expires 0
pkey[0]: [4096 bits]
pkey[1]: [17 bits]
keyid: 8D81803C0EBFCD88If you get similar output, the key file itself is valid.
1. Network Issues
Try downloading the key directly first:
wget https://download.docker.com/linux/debian/gpg
gpg --import gpg2. GPG Version Conflicts
Debian Stretch might have compatibility issues with modern GPG keys. Check your version:
gpg --versionIf it's too old, consider upgrading:
sudo apt-get install gnupg23. Alternative Import Method
Instead of using apt-key add, try:
gpg --dearmor < docker.gpg | sudo tee /usr/share/keyrings/docker-archive-keyring.gpgThen add the repository like this:
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] \
https://download.docker.com/linux/debian \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list1. First, try a simple test with a known good key:
echo "-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFqB6G0BEADjCNbU3ow6...
-----END PGP PUBLIC KEY BLOCK-----" > test.key
apt-key add test.key2. Check if gpg-agent is running:
ps aux | grep gpg-agent3. Try importing with raw gpg:
gpg --import docker.gpgFor Debian Stretch, the most reliable method is:
1. Create the keyring directory:
sudo mkdir -p /usr/share/keyrings2. Download and convert the key:
curl -fsSL https://download.docker.com/linux/debian/gpg | \
sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg3. Add the repository:
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] \
https://download.docker.com/linux/debian \
$(lsb_release -cs) stable" | \
sudo tee /etc/apt/sources.list.d/docker.listThis modern approach is more secure than using apt-key and works reliably on Debian Stretch.