nvidia repo signature verification failed

shawnsterp · January 8, 2020, 2:11pm

Forgive me if this is posted elsewhere, I did attempt to search the forums for this and did not see anything. Upon updating, I am getting the following message:

Retrieving repository 'nVidia Graphics Drivers' metadata ----------------------------------------------------------------------------------------------------------------------------------------------------------------\]
Signature verification failed for file 'repomd.xml' from repository 'nVidia Graphics Drivers'.

    Note: Signing data enables the recipient to verify that no modifications occurred after the data
    were signed. Accepting data with no, wrong or unknown signature can lead to a corrupted system
    and in extreme cases even to a system compromise.

    Note: File 'repomd.xml' is the repositories master index file. It ensures the integrity of the
    whole repo.

    Warning: This file was modified after it has been signed. This may have been a malicious change,
    so it might not be trustworthy anymore! You should not continue unless you know it's safe.

Signature verification failed for file 'repomd.xml' from repository 'nVidia Graphics Drivers'. Continue? [yes/no] (no):

A simple google search suggested that it may reconcile itself with time, so I waited 24 hours, and it is the same. Not sure how to proceed at this point. Is it safe to say yes and proceed with update? Do I need to do something to make the repo happy again? Thanks in advance.

hcvv · January 8, 2020, 2:16pm

Thse are two of the ones I found:
https://forums.opensuse.org/showthread.php/538705-KDE-software-updater-tray-icon-zypper-update https://forums.opensuse.org/showthread.php/538703-Signature-verification-failed

malcolmlewis · January 8, 2020, 2:40pm

Hi
An upstream ticket has been created: https://devtalk.nvidia.com/default/topic/1069515/linux/opensuse-rpm-repositories-are-broken-again-/

shawnsterp · January 8, 2020, 3:45pm

Sorry for the dumb question, but what did you search for to find those? “signature verification”? I think I may have just searched for nvidia and it came up empty. Just would rather not have to post these duplicate threads if I can avoid them. Anyway, thanks guys.

hcvv · January 8, 2020, 3:57pm

Well, what I would do is go to the different sub-forums that could fit, in this case Install/Boot/Login and Applications, maybe also Hardware. Because it must be recent, just glance through the titles of the first ten ot twenty.
And indeed, the keywords of your own title show up then, either or not in combination.

But I cheated. I am already online since about six hours. I have RSS feeds on a lot of sub-forums, thus already at about 10:00 my local time, I saw all the titles of all the new threads. And I opened most of them, thus I knew about this.

crmrhm · January 9, 2020, 4:45am

It was broken earlier for Leap 15.1, but is fixed now (3 AM 09 Jan UTC)