401 Errors doing apt-get on new Ubuntu server

Question

I've got a new copy of Ubuntu 10.04 server running and I'm not sure if it's connected to the internet correctly.

ifconfig shows I have an IP in my company's private network for eth0 (10.90.140.24)

Main problem:

When I try to do sudo apt-get install [anything] or update, I get 401 errors from the repository. The sources.list and apt.conf.d haven't been touched -- this is a clean install.

--

Here's a dump of apt-get:

sudo apt-get install lynx

Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  lynx-cur
Suggested packages:
  lynx-cur-wrapper
The following NEW packages will be installed:
  lynx lynx-cur
0 upgraded, 2 newly installed, 0 to remove and 62 not upgraded.
Need to get 1,482kB of archives.
After this operation, 5,456kB of additional disk space will be used.
Do you want to continue [Y/n]? Y
WARNING: The following packages cannot be authenticated!
  lynx-cur lynx
Install these packages without verification [y/N]? y
Err http://us.archive.ubuntu.com/ubuntu/ lucid/main lynx-cur 2.8.8dev.2-1
  401  Unauthorized [IP: 91.189.88.40 80]
Err http://us.archive.ubuntu.com/ubuntu/ lucid/main lynx 2.8.8dev.2-1
  401  Unauthorized [IP: 91.189.88.40 80]
Failed to fetch http://us.archive.ubuntu.com/ubuntu/pool/main/l/lynx-cur/lynx-cur_2.8.8dev.2-1_amd64.deb  401  Unauthorized [IP: 91.189.88.40 80]
Failed to fetch http://us.archive.ubuntu.com/ubuntu/pool/main/l/lynx-cur/lynx_2.8.8dev.2-1_all.deb  401  Unauthorized [IP: 91.189.88.40 80]
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?

score 0 · Answer 1 · answered Nov 12 '10 at 21:23

0

This is bad...try putting a vpn to your home network in and seeing if it resolves the problem. if it does you are getting redirected or hijacked. it is possible to be redirected legitimately, but they shouldn't replace with not authenticated packages so.....

answered Nov 12 '10 at 21:23

RobotHumans

151
3

It's running on a company network. What part of it indicates hijacking or redirection? Looks like just 401 errors but I'm hitting the right server based on that IP. – davidosomething Nov 13 '10 at 01:58
unsigned packages "package could not be authenticated" indicate redirection, hijack, or incorrect apt configuration – Nov 13 '10 at 09:18
see: http://www.securitytube.net/Evilgrade-Defcon-18-video.aspx demo section demonstrates this functionality...there are other explanations, but I lean to redirection assuming apt is configured properly with the correct keys installed – Nov 13 '10 at 09:21

score 0 · Accepted Answer · answered Nov 14 '10 at 17:41

Assuming this wasn't just a temporary glitch on the Ubuntu server, I would look into your company's web proxy. Maybe you have a very strangely configured transparent proxy or firewall, and you need to configure the right proxy, possibly with authentication. It could be a proxy bug, although causing a 401 sounds really bizarre.

Try accessing other sites (www.ubuntu.com, www.google.com, ...) with ~~lynx~~ wget, telnet, nc, whatever you have available. Also try your company's intranet to see if you get a different reaction.

401 Errors doing apt-get on new Ubuntu server

2 Answers2