Kali Linux administrators who haven’t manually updated the signing key for the operating system’s repository are going to find that they can’t get updates.
This comes after the overseers of the open source distribution aimed at penetration testers and other infosec pros admitted this week that they lost access to the signing key for the Kali repository, and had to roll out a new one.
“This is entirely our fault,” Kali acknowledged in a blog.
In fact, the incident happened over a week ago, and Kali had to freeze the update repository on April 18, when a new signing key was created. That’s why no one has been impacted yet. However, this week the repository will be available, and those who don’t have the new signing key will find they can’t do automatic updates.