本來說是這個寒假好好學習一下滲透測試的，可隨著瞭解的深入，發現滲透測試需要的知識儲備太多了，因此好長時間都沒有真正的去學習滲透工具的使用，今天上午裝了一個kali，裝上之後第一件事就是執行apt-get update && apt-get upgrade，結果卻出現了這樣的錯誤

我新增的是中科大的更新源，在瀏覽器中是可以正常開啟的：

deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib  
deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
 

可是新增到 /etc/apt/source.list之後，執行apt-update就會出現上面的錯誤提示
這個問題折磨了我一整天，直到剛剛才解決掉，去網上搜，關於這種錯誤的帖子只有一兩個，而且還都是提問的帖子，都掛在那沒有解決。。。。因此我在解決了這個問題之後，立馬就過來寫了這篇部落格，供各位網友參考，說不定就能解決你的問題

在多方搜尋無果之後，我決定靜下心來認真閱讀一下kali中提供的文件，根據上面的提示，我查看了apt-secure(8)——>命令man 8 apt-secure

DESCRIPTION
       Starting with version 0.6, APT contains
 
 code that does signature
       checking of the Release file for all repositories. This ensures that
       data like packages in the archive can't be modified by people who have
       no access to the Release file signing key. Starting with version 1.1
       APT requires repositories to provide recent authentication information
       for
 
 unimpeded usage of the repository. Since version 1.5 changes in the
       information contained in the Release file about the repository need to
       be confirmed before APT continues to apply updates from this
       repository.

       Note: All APT-based package management front-ends like apt-get(8),
       aptitude(8) and synaptic(8) support this authentication feature, so
       this manpage uses APT to refer to them all for simplicity only.

首先閱讀一下apt-secure的描述，讀完之後我們可以知道，之所以一直更新不成功，是因為沒有簽名或者是有簽名但是apt沒有對應的key的package是不被信任的，安全起見，預設是不會採用這種源來進行更新的

繼續往下閱讀

UNSIGNED REPOSITORIES
       If an archive has an unsigned Release file or no Release file at all
       current APT versions will refuse to download data from them by default
       in update operations and even if forced to download front-ends like
       apt-get(8) will require explicit confirmation if an installation
       request includes a package from such an unauthenticated archive.

       You can force all APT clients to raise only warnings by setting the
       configuration option Acquire::AllowInsecureRepositories to true.
       Individual repositories can also be allowed to be insecure via the
       sources.list(5) option allow-insecure=yes. Note that insecure
       repositories are strongly discouraged and all options to force apt to
       continue supporting them will eventually be removed. Users also have
       the Trusted option available to disable even the warnings, but be sure
       to understand the implications as detailed in sources.list(5). 

第二段的標題正是沒有簽名的倉庫，這正是我們需要的說明
You can force all APT clients to raise only warnings by setting the
configuration option Acquire::AllowInsecureRepositories to true.
這句話就是解決問題的關鍵，雖然國內的源沒有簽名，或者簽名過期（失效），但是我們可以強制apt進行更新，忽略倉庫的安全性，而想要達到這個目的，我們就需要對APT的配置檔案進行修改
我搜索了apt.conf這個關鍵字，但相關網頁都是英文的，硬著頭皮讀完之後發現我的kali中並沒有apt.conf檔案，在我的/etc/apt目錄下，只有一個apt.conf.d目錄，cd進該目錄：

那麼多配置檔案，我也不知道到底該改哪一個，然後又去百度了一會兒，看到了這篇文章
https://wiki.debian.org/AptConf
然後我就抱著試一試的心態打開了70debconf檔案，按照前面man文件的指導，在裡面輸入了Acquire::AllowInsecureRepositories “true”;
然後執行apt-config dump，檢視apt的對應配置有無生效

Acquire::AllowInsecureRepositories的屬性值由最初的”0”變成了”true”
說明更改配置成功，然後趕緊敲入apt-get update && apt-get upgrade,萬分激動地按下回車鍵

看著一行行的提示快速滾動，那種感覺真的是無與倫比。。。。

可能我的分析有不到位的地方，不過不管怎樣，問題是解決了，歡迎各位指正
希望能幫助遇到同樣問題的小夥伴：）