We understand your frustration and appreciate your patience. The issue has been acknowledged, and our technical team is working toward a solution that will be included in an upcoming release. Thank you for your patience until then.

I don't know what the problems are. With another program, the developer needed two days before a new key was made available to the community.

Perhaps the technical team is also wondering how to get the "upcoming" release (really??) if apt refuses to read the repository.

As I said, I've been using Enpass for many years and I'm happy with it. I'm also willing to pay for it. But not if the money goes into "nirvana" because I can't access the repository.

Why don't you release a binary that can be installed if the valid key is causing these problems?

@geier

I don't know what the problems are.

They don't give a shit, or more likely they don't know shit. A password manager sitting on this issue for a whole year probably means they fired the people who knew the shit. They haven't even released a Linux version for some time. Check the version numbers on the their Download page. Better start looking for a different password manager.

Edited March 6Mar 6 by Brahma Dev

On 2/9/2026 at 12:06 AM, JeffB said:

Thanks to @randomguy for a work around. It seems Debian is enforcing the secure certificate test, and Ubuntu and derivatives are more permissive; I don't get the error there. I too wonder if there is any real team there, at least on Linux. But for me, it is still the best solution and as long as it continues to work, there are no reported vulnerabilities, and there are no clear alternatives, it seems like it will be best to continue. However, I plan to evaluate periodically.

In the last few months I received the following message when I update the repositries informaton on Debian Testing:

Advertencia: Fallo al obtener https://apt.enpass.io/dists/stable/InRelease  Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on B6DA722E2E65721AF54B93966F7565879798C2FC is not
bound:            No binding signature at time 2025-07-28T06:45:22Z   because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance   because: SHA1 is not con
sidered secure since 2026-02-01T00:00:00Z

But thanks to @randomguy I can update the Enpass repository information and install new Enpass versions.

I hope the Enpass team configures a new key soon because I like Enpass but only the future will say if I will stay on Enpass or I will migrate my vault to another password manager.

On 3/4/2026 at 6:42 PM, Luis said:

(...) I hope the Enpass team configures a new key soon (...)

😂 Look at the date of the first message, and read my other replies on this subject.

Come on Enpass team - you can do it!

This really isn't fun for many Linux users and it's an easy fix.

Please escalate this - it won't take much work!

Think of the good will you'll create for a small amount of work.

Today I got an update of Enpass and it installed a new signing key

56 minutes ago, Artemy Tregubenko said:

Today I got an update of Enpass and it installed a new signing key

No changes on Debian Linux.
And if you try to install Enpass, you will also get an error.

22 minutes ago, NikosBzh said:

No changes on Debian Linux.
And if you try to install Enpass, you will also get an error.

It appears that the install links are still for 6.11.12 but the update installs 6.11.13 with the new signing key. Until the download/install page is updated, you should be able to use the @randomguy instructions and execute an update/upgrade to get 6.11.13.

I got this message,

$ sudo apt-get update

Get:8 https://apt.enpass.io stable Release [6,621 B]

Get:9 https://apt.enpass.io stable Release.gpg [1,321 B]

Ign:9 https://apt.enpass.io stable Release.gpg

Reading package lists... Done

W: OpenPGP signature verification failed: https://apt.enpass.io stable Release: Sub-process /usr/bin/sqv returned an error code (1), error message is: Missing key F433834B65BE665BCE974660877653760D0214BC, which is needed to verify signature.

E: The repository 'https://apt.enpass.io stable Release' is no longer signed.

N: Updating from such a repository can't be done securely, and is therefore disabled by default.

N: See apt-secure(8) manpage for repository creation and user configuration details.

Will I have too install the new one manually or do you think it can be updated with apt-get?

Thanks for your patience.

We have fixed the issue. The signing key used to verify Enpass Linux packages has been upgraded to a stronger security standard, ensuring smooth installs and updates on newer distributions such as Debian 13. Please import the updated signing key as described in the installation guide. See the Linux installation guide for details.

I did the update to see.

The issue seemed to have been resolved.

But anyway, it was too late for me, I switched to another password manager, which suits me very well.

On 3/11/2026 at 11:11 AM, Tarun Singh Rawat said:

Thanks for your patience.

We have fixed the issue. The signing key used to verify Enpass Linux packages has been upgraded to a stronger security standard, ensuring smooth installs and updates on newer distributions such as Debian 13. Please import the updated signing key as described in the installation guide. See the Linux installation guide for details.

I can't believe it. Someone actually tackled the problem. And successfully, too!

An update was released immediately:

[UPGRADE] enpass:amd64 6.11.12.1953 -> 6.11.13.1957.

It would be helpful if the key were installed directly in the correct directory.

Here's how to do it without sudo:

# curl -fsSL "https://apt.enpass.io/keys/enpass-linux.key" | gpg --quiet --dearmor | tee /usr/share/keyrings/enpass.gpg >/dev/null

and the source in the new DEB822 format:

~$ cat /etc/apt/sources.list.d/enpass.sources
Types: deb
URIs: https://apt.enpass.io/
Suites: stable
Components: main
Signed-By: /usr/share/keyrings/enpass.gpg

Edited April 16Apr 16 by geier