An error info occur when to execute apt-get update .
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used.
GPG error: http://download.virtualbox.org jessie InRelease: The following
signatures couldn't be verified because the public key is not available:
NO_PUBKEY A2F683C52980AECF
I found an answer:
gpg --keyserver key_server_name --recv-keys A2F683C52980AECF
gpg --armor --export A2F683C52980AECF| apt-key add -
There are two pool.sks-keyservers.net and keys.gnupg.net among many public key servers, are they equal?
gpg --keyserver pool.sks-keyservers.net --recv-keys A2F683C52980AECF
gpg --keyserver keys.gnupg.net --recv-keys A2F683C52980AECF
Do the two commands take same effect?
Most OpenPGP key servers are integrated in the SKS key server pool and exchange keys among each other. You can have a look at the pool status pages to get an overview of the contained servers.
pool.sks-keysevers.netresolves to a (weighted) random choice of those servers.Actually,
keys.gnupg.netis a simple alias forpool.sks-keyservers.net(technically speaking, aCNAMEto this domain):In the end, it does not matter which server you choose, as long as it is contained in the pool. Using
pool.sks-keyservers.netis a safe choice, andkeys.gnupg.netis equivalent.A typical answer of a key server that is not synchronizing is the PGP Global Directory, which also performs a simple ownership verification of the mail addresses contained.
Key servers exchange keys. That is why it does not matter which server to use.
There's now also
keys.openpgp.orgwhich deliberately is NOT part of the SKS server pool:See also this blog post for more background.