Start Free TrialLog in
Avatar of Alan
AlanFlag for New Zealand

asked on 

Ubuntu Desktop - 20.04LTS - Apt Update Errors

Hi All,


I have an Ubuntu Desktop 20.04LTS (Focal Fossa 20.04.3) machine that is failing to properly run 'apt update'.


I am getting the following when running 'apt update':

$ sudo apt update

Ign:1 https://security.ubuntu.com/ubuntu focal-security InRelease                           

Err:2 https://security.ubuntu.com/ubuntu focal-security Release                             
  Could not handshake: A TLS fatal alert has been received. [IP: 31.170.160.150 443]

Err:3 http://nz.archive.ubuntu.com/ubuntu focal InRelease
  Could not resolve 'nz.archive.ubuntu.com'

Err:4 http://nz.archive.ubuntu.com/ubuntu focal-updates InRelease
  Could not resolve 'nz.archive.ubuntu.com'

Err:5 http://nz.archive.ubuntu.com/ubuntu focal-backports InRelease
  Could not resolve 'nz.archive.ubuntu.com'

Reading package lists... Done

E: The repository 'https://security.ubuntu.com/ubuntu focal-security Release' no longer has a Release file.

N: Updating from such a repository can't be done securely, and is therefore disabled by default.

N: See apt-secure(8) manpage for repository creation and user configuration details.

Open in new window


$ lsb_release -a

No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 20.04.3 LTS
Release:    20.04
Codename:   focal

Open in new window


Checking the IP:


$ dig @8.8.8.8 -t any security.ubuntu.com

; <<>> DiG 9.16.1-Ubuntu <<>> @8.8.8.8 -t any security.ubuntu.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64332
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;security.ubuntu.com.       IN  ANY

;; ANSWER SECTION:
security.ubuntu.com.    59  IN  AAAA    2001:67c:1562::18
security.ubuntu.com.    59  IN  AAAA    2001:67c:1562::15
security.ubuntu.com.    59  IN  A   91.189.91.38
security.ubuntu.com.    59  IN  A   91.189.91.39

;; Query time: 288 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Aug 23 22:25:57 NZST 2021
;; MSG SIZE  rcvd: 136

Open in new window

$ dig -t any security.ubuntu.com

; <<>> DiG 9.16.1-Ubuntu <<>> -t any security.ubuntu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10286
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;security.ubuntu.com.       IN  ANY

;; ANSWER SECTION:
security.ubuntu.com.    19  IN  A   91.189.91.39
security.ubuntu.com.    19  IN  A   91.189.91.38

;; Query time: 16 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Mon Aug 23 22:30:44 NZST 2021
;; MSG SIZE  rcvd: 80

Open in new window

Odd / interesting that the IP address reported when 'apt' tries to run the update is not the same as when I query DNS locally and also Google's DNS (8.8.8.8).  I get the same IPs from 'dig' and 'ping' - different than 'apt' reports.


I am therefore thinking this is a DNS issue, but that leads to the question:  Why would 'apt' not be resolving the IPs the same as 'ping' and 'dig'?


If necessary, I'll just wipe the machine and start from scratch - it is only running a local mail server for the scanners to talk to and then forwarding emails on, so I could probably wipe and re-create in an hour or so, but I am intrigued as to what is going wrong - seems like a learning opportunity!


Thanks,


Alan.



UbuntuLinuxLinux OS DevLinux Distributions
Avatar of undefined
Last Comment
rindi
ASKER CERTIFIED SOLUTION
Avatar of David Favor
David Favor
Flag of United States of America image
Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of Alan
Alan
Flag of New Zealand image

ASKER

Hi David,

Thanks for that - hard to believe!

Do you know why 'apt' night be reporting a different IP than 'dig' and 'ping'?

Thanks,

Alan.
Avatar of arnold
arnold
Flag of United States of America image
One possibility is the sevurity.ubuntu.com redirects to other destination.

Have to test.

will come back
Avatar of rindi
rindi
Flag of Switzerland image
The only thing I can currently think of is that the site is doing some servicing, & therefore it is currently down. I'm sure things will work again after a while.
Linux
Linux

Linux is a UNIX-like open source operating system with hundreds of distinct distributions, including: Fedora, openSUSE, Ubuntu, Debian, Slackware, Gentoo, CentOS, and Arch Linux. Linux is generally associated with web and database servers, but has become popular in many niche industries and applications.

71K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts

  • "Invaluable tool for our organization"

    Josh Regalski

  • "Your help has saved me hundreds of hours of internet surfing."

    @fblack61

  • "Just a dang good service!"

    @golferski

  • "Worth every penny."

    Steve Hougom

  • "It’s been a life saver."

    Maria Halt

  • "Best support site I’ve seen!"

    Bob Schneider

  • "I would be lost without them."

    @fblack61

  • "Saved my job multiple times."

    Walt Forbes

  • "I love this site."

    Maria Duwe

  • "Friendly respectful help."

    Andrew Kowtalo

  • "Such top-notch experts."

    @magento

  • "The best money I have ever spent."

    @rwheeler23

  • "Beyond any comprehensible value"

    George Morris

  • "Invaluable tool for our organization"

    Josh Regalski

Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo
© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent