apt update Ign and 404 Not Found

1. 环境及目标

环境：在Ubuntu 24.04.1 LTS系统上通过virt-manager启动了debian系统，网络为NAT，可以连通互联网

---

2. 问题描述及原因分析

执行命令

apt update

输出如下信息：

Ign:1 http://mirrors.ustc.edu.cn/debian buster InRelease
Err:2 http://mirrors.ustc.edu.cn/debian buster Release
  404  Not Found [IP: 218.104.71.170 80]
Reading package lists... Done
E: The repository 'http://mirrors.ustc.edu.cn/debian buster Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

怀疑是网络问题，进行了ping测试，网络正常能ping通，网络没问题。

那只有可能是源的问题了，中途更换过其他源，也是不能正常工作。故怀疑签名可能过期，要在 apt update 时关闭验证：

apt -o Acquire::Check-Valid-Until=false update

执行结果如下：

Get:1 http://mirrors.ustc.edu.cn/debian bullseye InRelease [75.1 kB]
Get:2 http://mirrors.ustc.edu.cn/debian-security bullseye-security InRelease [27.2 kB]
Err:1 http://mirrors.ustc.edu.cn/debian bullseye InRelease
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D386FA1D9 NO_PUBKEY 6ED0E7B82643E131 NO_PUBKEY 605C66F00D6C9793
Err:2 http://mirrors.ustc.edu.cn/debian-security bullseye-security InRelease   
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 54404762BBB6E853 NO_PUBKEY BDE6D2B9216EC7A8
Reading package lists... Done                                                  
W: GPG error: http://mirrors.ustc.edu.cn/debian bullseye InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 0E98404D
386FA1D9 NO_PUBKEY 6ED0E7B82643E131 NO_PUBKEY 605C66F00D6C9793
E: The repository 'http://mirrors.ustc.edu.cn/debian bullseye InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://mirrors.ustc.edu.cn/debian-security bullseye-security InRelease: The following signatures couldn't be verified because the public key is not available: 
NO_PUBKEY 54404762BBB6E853 NO_PUBKEY BDE6D2B9216EC7A8
E: The repository 'http://mirrors.ustc.edu.cn/debian-security bullseye-security InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

在错误很明确：缺少 Debian Bullseye 的签名公钥。APT 默认会校验 Release 文件签名，文件系统里面GPG key 太老了，Bullseye 的 key 不存在，所以报 NO_PUBKEY。

手动导入公钥：

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E98404D386FA1D9
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 6ED0E7B82643E131
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 605C66F00D6C9793
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 54404762BBB6E853
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys BDE6D2B9216EC7A8

3. 解决方案

手动导入公钥：

apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E98404D386FA1D9
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 6ED0E7B82643E131
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 605C66F00D6C9793
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 54404762BBB6E853
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys BDE6D2B9216EC7A8