Installing Elasticsearch on Ubuntu 24

Elastic Stack Elasticsearch
1

Hi

I want installing Elasticsearch on Ubuntu 24 but I have a problem with the PGP Key.
The message is :
W: Erreur de GPG : https://artifacts.elastic.co/packages/8.x/apt stable InRelease : Les signatures suivantes n'ont pas pu être vérifiées car la clé publique n'est pas disponible : NO_PUBKEY D27D666CD88E42B4

2

Did you install the key?

3

Yes I'm execute the commands :
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
and
echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list

4

OK, please share the output you are getting for the full sequence of commands, as described in the documentation link.

btw you can also just download the dpkg file and install it directly as shown on same page.

will look similar to below (I did as root, so sudo was not required)

root@ip:~# cat  /etc/os-release
PRETTY_NAME="Ubuntu 24.04.1 LTS"
NAME="Ubuntu"
VERSION_ID="24.04"
VERSION="24.04.1 LTS (Noble Numbat)"
VERSION_CODENAME=noble
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=noble
LOGO=ubuntu-logo

root@ip:~# wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg

root@ip:~# apt-get install apt-transport-https
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'apt' instead of 'apt-transport-https'
apt is already the newest version (2.7.14build2).
apt set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

root@ip:~# echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list
deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main

root@ip:~# apt-get update && apt-get install elasticsearch
Hit:1 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble InRelease
Get:2 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates InRelease [126 kB]
Get:3 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-backports InRelease [126 kB]
Get:4 http://security.ubuntu.com/ubuntu noble-security InRelease [126 kB]
Get:5 https://artifacts.elastic.co/packages/8.x/apt stable InRelease [10.4 kB]
Get:6 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble/universe amd64 Packages [15.0 MB]
Get:7 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages [563 kB]
Get:8 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble/universe Translation-en [5982 kB]
Get:9 https://artifacts.elastic.co/packages/8.x/apt stable/main amd64 Packages [129 kB]
Get:10 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble/universe amd64 Components [3871 kB]
Get:11 http://security.ubuntu.com/ubuntu noble-security/main Translation-en [110 kB]
Get:12 http://security.ubuntu.com/ubuntu noble-security/main amd64 Components [7196 B]
Get:13 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Packages [760 kB]
Get:14 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble/universe amd64 c-n-f Metadata [301 kB]
Get:15 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble/multiverse amd64 Packages [269 kB]
Get:16 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble/multiverse Translation-en [118 kB]
Get:17 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble/multiverse amd64 Components [35.0 kB]
Get:18 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble/multiverse amd64 c-n-f Metadata [8328 B]
Get:19 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages [750 kB]
Get:20 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/main Translation-en [171 kB]
Get:21 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/main amd64 Components [151 kB]
Get:22 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/universe amd64 Packages [931 kB]
Get:23 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/universe Translation-en [231 kB]
Get:24 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/universe amd64 Components [309 kB]
Get:25 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/universe amd64 c-n-f Metadata [19.9 kB]
Get:26 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/restricted amd64 Packages [572 kB]
Get:27 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/restricted Translation-en [110 kB]
Get:28 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/restricted amd64 Components [212 B]
Get:29 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/multiverse amd64 Packages [16.0 kB]
Get:30 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/multiverse Translation-en [3844 B]
Get:31 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/multiverse amd64 Components [940 B]
Get:32 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-updates/multiverse amd64 c-n-f Metadata [552 B]
Get:33 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-backports/main amd64 Components [208 B]
Get:34 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-backports/main amd64 c-n-f Metadata [112 B]
Get:35 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-backports/universe amd64 Packages [10.7 kB]
Get:36 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-backports/universe Translation-en [10.8 kB]
Get:37 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-backports/universe amd64 Components [11.7 kB]
Get:38 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-backports/universe amd64 c-n-f Metadata [1104 B]
Get:39 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-backports/restricted amd64 Components [216 B]
Get:40 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-backports/restricted amd64 c-n-f Metadata [116 B]
Get:41 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-backports/multiverse amd64 Components [212 B]
Get:42 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu noble-backports/multiverse amd64 c-n-f Metadata [116 B]
Get:43 http://security.ubuntu.com/ubuntu noble-security/universe Translation-en [162 kB]
Get:44 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Components [51.9 kB]
Get:45 http://security.ubuntu.com/ubuntu noble-security/universe amd64 c-n-f Metadata [13.5 kB]
Get:46 http://security.ubuntu.com/ubuntu noble-security/restricted amd64 Packages [560 kB]
Get:47 http://security.ubuntu.com/ubuntu noble-security/restricted Translation-en [108 kB]
Get:48 http://security.ubuntu.com/ubuntu noble-security/restricted amd64 Components [212 B]
Get:49 http://security.ubuntu.com/ubuntu noble-security/multiverse amd64 Packages [12.2 kB]
Get:50 http://security.ubuntu.com/ubuntu noble-security/multiverse Translation-en [2940 B]
Get:51 http://security.ubuntu.com/ubuntu noble-security/multiverse amd64 Components [212 B]
Get:52 http://security.ubuntu.com/ubuntu noble-security/multiverse amd64 c-n-f Metadata [356 B]
Fetched 31.8 MB in 6s (5281 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  elasticsearch
0 upgraded, 1 newly installed, 0 to remove and 58 not upgraded.
Need to get 636 MB of archives.
After this operation, 1210 MB of additional disk space will be used.
Get:1 https://artifacts.elastic.co/packages/8.x/apt stable/main amd64 elasticsearch amd64 8.17.0 [636 MB]
Fetched 636 MB in 12s (52.8 MB/s)
Selecting previously unselected package elasticsearch.
(Reading database ... 70601 files and directories currently installed.)
Preparing to unpack .../elasticsearch_8.17.0_amd64.deb ...
Creating elasticsearch group... OK
Creating elasticsearch user... OK
Unpacking elasticsearch (8.17.0) ...
Setting up elasticsearch (8.17.0) ...
--------------------------- Security autoconfiguration information ------------------------------

Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.

The generated password for the elastic built-in superuser is : j-MoiQo-ZE8xE7eT7kma

If this node should join an existing cluster, you can reconfigure this with
'/usr/share/elasticsearch/bin/elasticsearch-reconfigure-node --enrollment-token <token-here>'
after creating an enrollment token on your existing cluster.

You can complete the following actions at any time:

Reset the password of the elastic built-in superuser with
'/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic'.

Generate an enrollment token for Kibana instances with
 '/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana'.

Generate an enrollment token for Elasticsearch nodes with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node'.

-------------------------------------------------------------------------------------------------
### NOT starting on installation, please execute the following statements to configure elasticsearch service to start automatically using systemd
 sudo systemctl daemon-reload
 sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
 sudo systemctl start elasticsearch.service
Scanning processes...
Scanning linux images...

Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
5

Hi
today I'm trying another install

> root@serveur:~# wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
> File '/usr/share/keyrings/elasticsearch-keyring.gpg' exists. Overwrite? (y/N) y
> root@serveur:~# apt-get install apt-transport-https
> Lecture des listes de paquets... Fait
> Construction de l'arbre des dépendances... Fait
> Lecture des informations d'état... Fait
> apt-transport-https est déjà la version la plus récente (2.7.14build2).
> Les paquets suivants ont été installés automatiquement et ne sont plus nécessaires :
>   eatmydata libeatmydata1 python-babel-localedata python3-babel python3-jinja2 python3-json-pointer python3-jsonpatch python3-jsonschema python3-markupsafe python3-pyrsistent python3-tz
> Veuillez utiliser « apt autoremove » pour les supprimer.
> 0 mis à jour, 0 nouvellement installés, 0 à enlever et 21 non mis à jour.
> root@serveur:~# echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list
> deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main
> root@serveur:~# apt-get update && apt-get install elasticsearch
> Atteint :1 https://mirrorlinux/ubuntu noble InRelease
> Réception de :2 https://mirrorlinux/ubuntu noble-updates InRelease [126 kB]
> Réception de :3 https://mirrorlinux/ubuntu noble-backports InRelease [126 kB]
> Réception de :4 http://security.ubuntu.com/ubuntu noble-security InRelease [126 kB]
> Réception de :5 https://artifacts.elastic.co/packages/8.x/apt stable InRelease [10,4 kB]
> Réception de :6 https://mirrorlinux/ubuntu noble-updates/main amd64 Packages [759 kB]
> Atteint :7 http://repo.zabbix.com/zabbix/7.0/ubuntu noble InRelease
> Réception de :8 https://mirrorlinux/ubuntu noble-updates/main Translation-en [172 kB]
> Réception de :9 https://mirrorlinux/ubuntu noble-updates/main amd64 Components [151 kB]
> Réception de :10 https://mirrorlinux/ubuntu noble-updates/restricted amd64 Components [212 B]
> Réception de :11 https://mirrorlinux/ubuntu noble-updates/universe amd64 Packages [965 kB]
> Réception de :12 https://mirrorlinux/ubuntu noble-updates/universe Translation-en [238 kB]
> Réception de :13 https://mirrorlinux/ubuntu noble-updates/universe amd64 Components [309 kB]
> Réception de :14 https://esm.ubuntu.com/apps/ubuntu noble-apps-security InRelease [7 547 B]
> Réception de :15 https://mirrorlinux/ubuntu noble-updates/multiverse amd64 Components [940 B]
> Réception de :16 https://mirrorlinux/ubuntu noble-backports/main amd64 Components [208 B]
> Réception de :17 https://mirrorlinux/ubuntu noble-backports/restricted amd64 Components [216 B]
> Réception de :18 https://mirrorlinux/ubuntu noble-backports/universe amd64 Components [11,7 kB]
> Réception de :19 https://mirrorlinux/ubuntu noble-backports/multiverse amd64 Components [212 B]
> Réception de :20 https://esm.ubuntu.com/apps/ubuntu noble-apps-updates InRelease [7 468 B]
> Err :5 https://artifacts.elastic.co/packages/8.x/apt stable InRelease
>   Les signatures suivantes n'ont pas pu être vérifiées car la clé publique n'est pas disponible : NO_PUBKEY D27D666CD88E42B4
> Réception de :21 https://esm.ubuntu.com/infra/ubuntu noble-infra-security InRelease [7 462 B]
> Réception de :22 https://esm.ubuntu.com/infra/ubuntu noble-infra-updates InRelease [7 461 B]
> Réception de :23 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages [572 kB]
> Réception de :24 http://security.ubuntu.com/ubuntu noble-security/main Translation-en [111 kB]
> Réception de :25 http://security.ubuntu.com/ubuntu noble-security/main amd64 Components [7 220 B]
> Réception de :26 http://security.ubuntu.com/ubuntu noble-security/restricted amd64 Components [212 B]
> Réception de :27 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Packages [795 kB]
> Réception de :28 http://security.ubuntu.com/ubuntu noble-security/universe Translation-en [169 kB]
> Réception de :29 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Components [52,0 kB]
> Réception de :30 http://security.ubuntu.com/ubuntu noble-security/multiverse amd64 Components [212 B]
> Lecture des listes de paquets... Fait
> W: Erreur de GPG : https://artifacts.elastic.co/packages/8.x/apt stable InRelease : Les signatures suivantes n'ont pas pu être vérifiées car la clé publique n'est pas disponible : NO_PUBKEY D27D666CD88E42B4
> E: Le dépôt https://artifacts.elastic.co/packages/8.x/apt stable InRelease n'est pas signé.
> N: Les mises à jour depuis un tel dépôt ne peuvent s'effectuer de manière sécurisée, et sont donc désactivées par défaut.
> N: Voir les pages de manuel d'apt-secure(8) pour la création des dépôts et les détails de configuration d'un utilisateur.
6

I found this post

7

finally I installed Elasticsearch from the deb package

Thanks

1 Like
8

Thats cool.

Your commands look right, I dont understand why it does not work, and I executed on completely fresh Ubuntu 24.04 system. And btw, yes, elasticsearch latest versions are fine with Ubuntu 22.04.

The error you get is if there is a mismatch between the path set via [signed-by=/path/to/file] in the file

/etc/apt/sources.list.d/elastic-8.x.list

and the actual path to the keyfile. This should be

/usr/share/keyrings/elasticsearch-keyring.gpg

but you can place the file anywhere as long as the [signed-by=/path/to/file] matches. Note those are square brackets "[" and "]"

I wonder if the French lang/keyboard setting has done something funny with a cut and paste? Can't think of anything else.

btw, md5 of that field should be:

$ md5sum /usr/share/keyrings/elasticsearch-keyring.gpg
3e93265202a29fbf1f0d2f89fb2b0ea6 /usr/share/keyrings/elasticsearch-keyring.gpg

9

I think the problem here is that the documentation in Install Elasticsearch with a Debian package | Elastic Docs assumes that https://artifacts.elastic.co/GPG-KEY-elasticsearch is a gpg keyring file when it really is an old style key file ...

file GPG-KEY-elasticsearch 
GPG-KEY-elasticsearch: PGP public key block Public-Key (old)

should have bean something like this

file /usr/share/keyrings/ubuntu-archive-keyring.gpg
/usr/share/keyrings/ubuntu-archive-keyring.gpg: OpenPGP Public Key Version 4, Created Fri May 11 21:15:36 2012, RSA (Encrypt or Sign, 4096 bits); User ID; Signature; OpenPGP Certificate
10

Would be nice if someone at Elastic could make a keyring file available for download and update the docs.

11

IIRC it didn't stop you installing, was just a warning. Has that changed?

EDIT: Sorry, I did recall wrong. One of my keys was from 7.x times and was stored in different file. But still, does this stop the installation succeeded?

kevin@u2014 $ sudo cat /etc/apt/sources.list.d/elastic-[789]*
#deb [signed-by=/usr/share/keyrings/elastic.gpg] https://artifacts.elastic.co/packages/7.x/apt stable main
#deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main
deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/9.x/apt stable main

and the 2 files:

kevin@u2024 $ file /usr/share/keyrings/elastic*
/usr/share/keyrings/elastic.gpg:               OpenPGP Public Key Version 4, Created Mon Sep 16 15:07:54 2013, RSA (Encrypt or Sign, 2048 bits); User ID; Signature; OpenPGP Certificate
/usr/share/keyrings/elasticsearch-keyring.gpg: OpenPGP Public Key Version 4, Created Mon Sep 16 15:07:54 2013, RSA (Encrypt or Sign, 2048 bits); User ID; Signature; OpenPGP Certificate
12

Sorry for my hasty conclusions here.
I forgot to dearmor the downloaded key file ....