Fixing Kali Linux apt update Errors (404 / NO_PUBKEY) — Step-by-Step POC

When working with Kali Linux, especially after installing it from an older ISO or snapshot, you may suddenly face errors while updating…

Prakash Thakur

~2 min read · December 21, 2025 (Updated: December 21, 2025) · Free: Yes

When working with Kali Linux, especially after installing it from an older ISO or snapshot, you may suddenly face errors while updating the system. I personally encountered this issue when running a simple update command, and the errors completely blocked further upgrades.

This article documents a clean Proof of Concept (POC) to fix Kali Linux apt errors such as 404 Not Found, NO_PUBKEY, and repository not signed.

Problem Statement

Running:

sudo apt update

Results in errors like:

NO_PUBKEY ED65462EC8D5E4C5
The repository is not signed
Updating from such a repository can't be done securely

Or multiple:

Failed to fetch http://http.kali.org/... 404 Not Found

Because of this, Kali refuses to update or upgrade packages.

🔍 Why This Happens

This issue usually occurs due to one or more of the following reasons:

Kali installed from an older ISO
Repository signing key rotated
Incorrect or outdated /etc/apt/sources.list
Cached package lists pointing to non-existent packages

This is not a user mistake — it's a common Kali rolling-release issue.

🎯 Objective

Restore secure and working Kali repositories by:

Cleaning APT cache
Fixing repository configuration
Installing the official Kali GPG signing key
Successfully running apt update

🛠️ Step-by-Step Fix (POC)

✅ Step 1: Clean Existing APT Cache

sudo apt clean
sudo rm -rf /var/lib/apt/lists/*

This removes broken or outdated cached package lists.

✅ Step 2: Fix `sources.list`

Open the file:

sudo nano /etc/apt/sources.list

Delete everything inside the file, including:

deb-src lines
cdrom entries
commented old repos

Now paste ONLY this line:

deb [signed-by=/etc/apt/keyrings/kali-archive-keyring.gpg] http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware

Save and exit:

CTRL + O → Enter
CTRL + X

✅ Step 3: Install Kali Official GPG Key

sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://archive.kali.org/archive-key.asc | sudo gpg --dearmor -o /etc/apt/keyrings/kali-archive-keyring.gpg

This installs the trusted signing key used to verify Kali packages.

✅ Step 4: Update Package Lists

sudo apt update

🎉 Expected Output (Success)

You should now see

No NO_PUBKEY errors
No 404 Not Found
Repository marked as trusted

Example output:

Fetched XX.X MB in XXs
XXXX packages can be upgraded

🔄 Optional: Upgrade the System

Once updates work correctly, upgrade your system:

sudo apt full-upgrade -y

🧹 Optional Cleanup

sudo apt autoremove -y
sudo apt autoclean

🧠 Key Takeaways

Kali Linux is a rolling release
Repository signing keys change over time
Old ISOs often break during updates
This fix is safe, official, and recommended

🏁 Conclusion

This POC demonstrates how to recover Kali Linux from broken apt updates caused by missing GPG keys or outdated repositories. Following these steps restores secure package management and allows Kali to update normally.

If you're learning cybersecurity or using Kali daily, knowing how to fix this issue is extremely useful.

#kali-linux #linux-troubleshooting #apt-package-manager #cybersecurity-tools #ethical-hacking