Offensive Security warned Kali Linux users to manually install a new Kali repository signing key to avoid experiencing update failures.

The announcement comes after OffSec lost the old repo signing key (ED444FF07D8D0BF6) and was forced to create a new one (ED65462EC8D5E4C5) signed by Kali Linux developers using signatures available on the Ubuntu OpenPGP key server. However, since the key was not compromised, the old one was not removed from the keyring.

When trying to get the list of latest software packages on systems still using the old key, users will see “Missing key 827C8569F2518CC677FECA1AED65462EC8D5E4C5, which is needed to verify signature” errors.