Hi @pa-tester – a quick Google search for 8B48AD6246925553 turned up a few different questions from folks running into the same question. On my Pi, this key is shown as a key for Debian 7 packages:
$ apt-key list
/etc/apt/trusted.gpg
--------------------
[snip]
pub rsa4096 2012-04-27 [SC] [expires: 2020-04-25]
A1BD 8E9D 78F7 FE5C 3E65 D8AF 8B48 AD62 4692 5553
uid [ unknown] Debian Archive Automatic Signing Key (7.0/wheezy) <ftpmaster@debian.org>
I’m unable to tell right now if any packages depend on that key for signing. It would seem unlikely that anything from Debian 7 is actually being installed.
Can you try removing the failing key from the Ansible manifest and re-running? If everything works, great; if it still fails, the source will need to be updated in the Ansible manifest. Either way, please file a bug about it so the developers know.
If it turns out it does need to be installed, you can do that a few different ways. I’ll list the steps from this blog post:
- install from another keyserver:
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 8B48AD6246925553 - download from Debian FTP server:
wget -O - https://ftp-master.debian.org/keys/archive-key-7.0.asc | apt-key add -
Note that the URL for the key on the Debian FTP server has been corrected from the original blog post. Also, these steps will need to be run as root.
HTH!