Broken updates on Ubuntu/Debian

Some linux users will get an error trying to update Keybase.

Why: Keybase's code-signing key recently expired, on November 19, 2017. We previously extended this key and were distributing it with Keybase updates. But those who didn't get it in time are now left behind and will see an error.

Example error

$ sudo apt-get update
Hit:1 http://us.archive.ubuntu.com/ubuntu artful InRelease
Hit:2 http://us.archive.ubuntu.com/ubuntu artful-updates InRelease
Hit:3 http://us.archive.ubuntu.com/ubuntu artful-backports InRelease
Get:4 http://prerelease.keybase.io/deb stable InRelease [2,407 B]
Hit:5 http://security.ubuntu.com/ubuntu artful-security InRelease
Err:4 http://prerelease.keybase.io/deb stable InRelease
  The following signatures were invalid: EXPKEYSIG 47484E50656D16C7 Keybase.io Code Signing (v1) <code@keybase.io>
Reading package lists... Done
W: GPG error: http://prerelease.keybase.io/deb stable InRelease: The following signatures were invalid: EXPKEYSIG 47484E50656D16C7 Keybase.io Code Signing (v1) <code@keybase.io>
E: The repository 'http://prerelease.keybase.io/deb stable InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

Solution

The most direct way to fix the problem is to manually update our packaging key, with the following two commands:

wget https://keybase.io/docs/server_security/code_signing_key.asc
sudo apt-key add code_signing_key.asc

If that doesn't work for some reason, you can also fix the problem by repeating the original installation steps.