Adding Ubuntu (multiverse) automatic signing key:
Adding Ubuntu’s multiverse repo signing key involves launching a shell terminal, su-ing to root and typing the following commands.
1. # gpg --keyserver keyserver.ubuntu.com --recv-keys 40976EAF437D05B5
2. # gpg --export --armor 40976EAF437D05B5 | apt-key add -
After the key has been added, the ‘Authentication’ tab of Software Sources should show the Ubuntu key at the bottom of the list, just below the XBMC ppa key that you added in the previous section.
After all the repos and their signing keys have been added, click on the Reload button on Synaptic or at a shell terminal, type in (as root)
apt-get update. If all the steps above have been followed, there should be no errors.
Then next and final step is to install XBMC. As usual, you could do this from a shell terminal or by using Synaptic.
Installing from shell terminal:
I consider this the easiest method. All that you need to do is type in the command as shown in the screenshot below. APT will install XBMC and the other four packages listed at the beginning of this tutorial.
Installing from Synaptic:
If it’s not already open, launch Synaptic from Hymera > System > Administration > Synaptic. Click on the search button and type in ‘xbmc’. Your search will yield more packages than you need to install. Locate the ‘xbmc’ package and mark it for installation. As on the shell terminal, marking ‘xbmc’ will also cause the other packages (dependencies) to be marked for installation. The screenshot below does not show libfaac0, but it is also selected for installation.
With all the packages marked, click on the Apply button. In less than three minutes, XBMC should be installed and an entry placed in the menu at Hymera > Sound & Video > XBMC Media Center
A note about signing keys:
If you add a repo to a Debian-based distro without adding the corresponding signing key, and click the Reload button on Synaptic or input
apt-get update on the command line, APT will complain with the kind of error message shown below.
At that point, you should know that APT is saying that it does not trust the source in question, and that you should add a signing key. Never install packages from a repo that you do not trust. In other words, adding a repo to your systems
/etc/apt/sources.list and its key to
/etc/apt/trust.gpg must go hand in hand.