A typical error message indicating this issue appears as follows:
W: GPG error: http://mirrors.example.com jessie Release: The following signatures were invalid: KEYEXPIRED 1668891673
Because the SSH service is not installed or running, direct remote access is impossible. Linux Deploy provides alternative access methods through its built-in HTTP and Telnet daemons, allowing administrators to intervene and force the installation of missing packages.
Method 1: Accessing via the Web Terminal
Linux Deploy includes a lightweight web server that hosts a terminal interface. To enable it, adjust the application settings:
- Enable HTTP Daemon: Set to true.
- Port: Define a port (e.g., 5080).
- Access Restriction: Configure a whitelist. For local access, use
A:127.0.0.1followed byD:*to deny all others.
Once configured, navigate to the terminal endpoint using a browser on the Android device:
http://127.0.0.1:5080/cgi-bin/terminal
If the default Android browser renders the page incorrectly, a modern browser like Firefox can be used. Alternatively, modify the access restrictions to allow connections from a desktop computer on the same network.
Method 2: Remote Access via Telnet
Alternative, a Telnet daemon can be activated for remote shell access:
- Enable Telnet Daemon: Set to true.
- Port: Define a port (e.g., 5023).
- Localhost Only: Set to false to permit external connections.
Connect from a client machine on the network:
telnet <device_ip_address> 5023
Executing the Repair
Upon connecting via Web or Telnet, the shell environment is the Android host system, not the Linux container. Linux Deploy provides a command-line utility, typically located in the data directory, to manage the container.
First, ensure the container is mounted and running:
# Mount the container file system
linuxdeploy mount
# Start the container environment
linuxdeploy start
To bypass the GPG key validation error and install the SSH server, use the shell subcommand. This executes commands inside the container context. The --force-yes flag is required to ignore the expired signature.
# Install OpenSSH server ignoring authentication warnings
linuxdeploy shell -d -u <your_username> "sudo apt-get install -y --force-yes openssh-server"
After the installation completes, the SSH daemon should start automatically, anabling standard remote access via port 22.
Permanent Solution for EOL Repositories
Since legacy distributions like Jessie no longer recieve updates, repository validation will continue to fail for future package operations. To permanently disable GPG signature validation for apt, create a configuration file:
echo 'APT::Get::AllowUnauthenticated "true";' | sudo tee /etc/apt/apt.conf.d/99disable-gpg-check
This configuration allows the package manager to operate without strict key verification, which is a necessary trade-off for maintaining an EOL environment.