Updating the CUDA Linux GPG Repository Key

The cuda-keyring package enables the “online” repository. It does not enroll a GPG public key for the “offline” local repos.

The local repo installers use ephemeral “one-time” keys, so please follow the copy instruction provided at install time, i.e. for CUDA 12.1

$ sudo dpkg -i cudnn-local-repo-ubuntu2204-8.9.1.23_1.0-1_amd64.deb 
Selecting previously unselected package cudnn-local-repo-ubuntu2204-8.9.1.23.
(Reading database ... 5258 files and directories currently installed.)
Preparing to unpack cudnn-local-repo-ubuntu2204-8.9.1.23_1.0-1_amd64.deb ...
Unpacking cudnn-local-repo-ubuntu2204-8.9.1.23 (1.0-1) ...
Setting up cudnn-local-repo-ubuntu2204-8.9.1.23 (1.0-1) ...

The public cudnn-local-repo-ubuntu2204-8.9.1.23 GPG key does not appear to be installed.
To install the key, run this command:
sudo cp /var/cudnn-local-repo-ubuntu2204-8.9.1.23/cudnn-local-E7A7D88D-keyring.gpg /usr/share/keyrings/

As such, simply adapt 1. Introduction — cuda-installation-guide-linux 12.2 documentation

sudo cp -v /var/cudnn-local-repo-ubuntu2204-8.9.1.23/cudnn-local-*-keyring.gpg /usr/share/keyrings/
sudo apt-get update

Any chance at taking compliance seriously after 4 years? Especially with CMMC 2.0 here? Yes, FIPS matters.

1 Like

@BJSmithIEEE
A few possible workaround I’ve been using for similar things:

  • Use some custom scripts to query the 2nd/3rd level of dependency tree and kick out unwanted pkgs (e.g. nsight in this case).
  • Mirror their repo through https to ensure it’s authentic in transit, and repack/re-sign with compliant algo.

Hi @kmittman, @roarmstrong

I am following the below steps :

apt-key del 7fa2af80
apt-get update
apt-get install -y wget lsb-release
wget https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64/cuda-keyring_1.0-1_all.deb
dpkg -i cuda-keyring_1.0-1_all.deb

but still getting the below error:

.
.
.

Get:19 Index of /ubuntu focal-backports/universe amd64 Packages [28.6 kB]

Reading package lists…

e[91mW: GPG error: Index of /compute/cuda/repos/ubuntu2004/x86_64 InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY A4B469963BF863CC

E: The repository ‘Index of /compute/cuda/repos/ubuntu2004/x86_64 InRelease’ is not signed.

Also is there an issue if I am still using [cuda-keyring_1.0-1_all.deb] instead of cuda-keyring_1.1-1_all.deb ??

Could you please suggest what could be going wrong?

$ podman run -it ubuntu:20.04 /bin/bash -c "apt-get update >/dev/null; apt-get install -y sudo wget gnupg ca-certificates >/dev/null; bash"
debconf: delaying package configuration, since apt-utils is not installed
# sudo apt-key del 7fa2af80                                                                                      
OK

# sudo apt-get update
Hit:1 http://security.ubuntu.com/ubuntu focal-security InRelease
Hit:2 http://archive.ubuntu.com/ubuntu focal InRelease
Hit:3 http://archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:4 http://archive.ubuntu.com/ubuntu focal-backports InRelease
Reading package lists... Done

# sudo apt-get install -y wget lsb-release
Reading package lists... Done
Building dependency tree       
Reading state information... Done
wget is already the newest version (1.20.3-1ubuntu2).
The following additional packages will be installed:
  distro-info-data file libexpat1 libmagic-mgc libmagic1 libmpdec2 libpython3-stdlib libpython3.8-minimal libpython3.8-stdlib mime-support python3 python3-minimal python3.8 python3.8-minimal xz-utils
Suggested packages:
  python3-doc python3-tk python3-venv python3.8-venv python3.8-doc binutils binfmt-support
The following NEW packages will be installed:
  distro-info-data file libexpat1 libmagic-mgc libmagic1 libmpdec2 libpython3-stdlib libpython3.8-minimal libpython3.8-stdlib lsb-release mime-support python3 python3-minimal python3.8 python3.8-minimal xz-utils
0 upgraded, 16 newly installed, 0 to remove and 43 not upgraded.
Need to get 5361 kB of archives.
After this operation, 26.9 MB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 libpython3.8-minimal amd64 3.8.10-0ubuntu1~20.04.8 [717 kB]
Get:2 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 libexpat1 amd64 2.2.9-1ubuntu0.6 [74.6 kB]
Get:3 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 python3.8-minimal amd64 3.8.10-0ubuntu1~20.04.8 [1902 kB]
Get:4 http://archive.ubuntu.com/ubuntu focal/main amd64 python3-minimal amd64 3.8.2-0ubuntu2 [23.6 kB]
Get:5 http://archive.ubuntu.com/ubuntu focal/main amd64 mime-support all 3.64ubuntu1 [30.6 kB]
Get:6 http://archive.ubuntu.com/ubuntu focal/main amd64 libmpdec2 amd64 2.4.2-3 [81.1 kB]
Get:7 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 libpython3.8-stdlib amd64 3.8.10-0ubuntu1~20.04.8 [1675 kB]
Get:8 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 python3.8 amd64 3.8.10-0ubuntu1~20.04.8 [387 kB]
Get:9 http://archive.ubuntu.com/ubuntu focal/main amd64 libpython3-stdlib amd64 3.8.2-0ubuntu2 [7068 B]
Get:10 http://archive.ubuntu.com/ubuntu focal/main amd64 python3 amd64 3.8.2-0ubuntu2 [47.6 kB]
Get:11 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 distro-info-data all 0.43ubuntu1.14 [4788 B]
Get:12 http://archive.ubuntu.com/ubuntu focal/main amd64 libmagic-mgc amd64 1:5.38-4 [218 kB]
Get:13 http://archive.ubuntu.com/ubuntu focal/main amd64 libmagic1 amd64 1:5.38-4 [75.9 kB]
Get:14 http://archive.ubuntu.com/ubuntu focal/main amd64 file amd64 1:5.38-4 [23.3 kB]
Get:15 http://archive.ubuntu.com/ubuntu focal/main amd64 lsb-release all 11.1.0ubuntu2 [10.6 kB]
Get:16 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 xz-utils amd64 5.2.4-1ubuntu1.1 [82.6 kB]
Fetched 5361 kB in 1s (5847 kB/s)    
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libpython3.8-minimal:amd64.
(Reading database ... 4890 files and directories currently installed.)
Preparing to unpack .../libpython3.8-minimal_3.8.10-0ubuntu1~20.04.8_amd64.deb ...
Unpacking libpython3.8-minimal:amd64 (3.8.10-0ubuntu1~20.04.8) ...
Selecting previously unselected package libexpat1:amd64.
Preparing to unpack .../libexpat1_2.2.9-1ubuntu0.6_amd64.deb ...
Unpacking libexpat1:amd64 (2.2.9-1ubuntu0.6) ...
Selecting previously unselected package python3.8-minimal.
Preparing to unpack .../python3.8-minimal_3.8.10-0ubuntu1~20.04.8_amd64.deb ...
Unpacking python3.8-minimal (3.8.10-0ubuntu1~20.04.8) ...
Setting up libpython3.8-minimal:amd64 (3.8.10-0ubuntu1~20.04.8) ...
Setting up libexpat1:amd64 (2.2.9-1ubuntu0.6) ...
Setting up python3.8-minimal (3.8.10-0ubuntu1~20.04.8) ...
Selecting previously unselected package python3-minimal.
(Reading database ... 5181 files and directories currently installed.)
Preparing to unpack .../0-python3-minimal_3.8.2-0ubuntu2_amd64.deb ...
Unpacking python3-minimal (3.8.2-0ubuntu2) ...
Selecting previously unselected package mime-support.
Preparing to unpack .../1-mime-support_3.64ubuntu1_all.deb ...
Unpacking mime-support (3.64ubuntu1) ...
Selecting previously unselected package libmpdec2:amd64.
Preparing to unpack .../2-libmpdec2_2.4.2-3_amd64.deb ...
Unpacking libmpdec2:amd64 (2.4.2-3) ...
Selecting previously unselected package libpython3.8-stdlib:amd64.
Preparing to unpack .../3-libpython3.8-stdlib_3.8.10-0ubuntu1~20.04.8_amd64.deb ...
Unpacking libpython3.8-stdlib:amd64 (3.8.10-0ubuntu1~20.04.8) ...
Selecting previously unselected package python3.8.
Preparing to unpack .../4-python3.8_3.8.10-0ubuntu1~20.04.8_amd64.deb ...
Unpacking python3.8 (3.8.10-0ubuntu1~20.04.8) ...
Selecting previously unselected package libpython3-stdlib:amd64.
Preparing to unpack .../5-libpython3-stdlib_3.8.2-0ubuntu2_amd64.deb ...
Unpacking libpython3-stdlib:amd64 (3.8.2-0ubuntu2) ...
Setting up python3-minimal (3.8.2-0ubuntu2) ...
Selecting previously unselected package python3.
(Reading database ... 5583 files and directories currently installed.)
Preparing to unpack .../0-python3_3.8.2-0ubuntu2_amd64.deb ...
Unpacking python3 (3.8.2-0ubuntu2) ...
Selecting previously unselected package distro-info-data.
Preparing to unpack .../1-distro-info-data_0.43ubuntu1.14_all.deb ...
Unpacking distro-info-data (0.43ubuntu1.14) ...
Selecting previously unselected package libmagic-mgc.
Preparing to unpack .../2-libmagic-mgc_1%3a5.38-4_amd64.deb ...
Unpacking libmagic-mgc (1:5.38-4) ...
Selecting previously unselected package libmagic1:amd64.
Preparing to unpack .../3-libmagic1_1%3a5.38-4_amd64.deb ...
Unpacking libmagic1:amd64 (1:5.38-4) ...
Selecting previously unselected package file.
Preparing to unpack .../4-file_1%3a5.38-4_amd64.deb ...
Unpacking file (1:5.38-4) ...
Selecting previously unselected package lsb-release.
Preparing to unpack .../5-lsb-release_11.1.0ubuntu2_all.deb ...
Unpacking lsb-release (11.1.0ubuntu2) ...
Selecting previously unselected package xz-utils.
Preparing to unpack .../6-xz-utils_5.2.4-1ubuntu1.1_amd64.deb ...
Unpacking xz-utils (5.2.4-1ubuntu1.1) ...
Setting up mime-support (3.64ubuntu1) ...
Setting up libmagic-mgc (1:5.38-4) ...
Setting up distro-info-data (0.43ubuntu1.14) ...
Setting up libmagic1:amd64 (1:5.38-4) ...
Setting up file (1:5.38-4) ...
Setting up xz-utils (5.2.4-1ubuntu1.1) ...
update-alternatives: using /usr/bin/xz to provide /usr/bin/lzma (lzma) in auto mode
update-alternatives: warning: skip creation of /usr/share/man/man1/lzma.1.gz because associated file /usr/share/man/man1/xz.1.gz (of link group lzma) doesn't exist
update-alternatives: warning: skip creation of /usr/share/man/man1/unlzma.1.gz because associated file /usr/share/man/man1/unxz.1.gz (of link group lzma) doesn't exist
update-alternatives: warning: skip creation of /usr/share/man/man1/lzcat.1.gz because associated file /usr/share/man/man1/xzcat.1.gz (of link group lzma) doesn't exist
update-alternatives: warning: skip creation of /usr/share/man/man1/lzmore.1.gz because associated file /usr/share/man/man1/xzmore.1.gz (of link group lzma) doesn't exist
update-alternatives: warning: skip creation of /usr/share/man/man1/lzless.1.gz because associated file /usr/share/man/man1/xzless.1.gz (of link group lzma) doesn't exist
update-alternatives: warning: skip creation of /usr/share/man/man1/lzdiff.1.gz because associated file /usr/share/man/man1/xzdiff.1.gz (of link group lzma) doesn't exist
update-alternatives: warning: skip creation of /usr/share/man/man1/lzcmp.1.gz because associated file /usr/share/man/man1/xzcmp.1.gz (of link group lzma) doesn't exist
update-alternatives: warning: skip creation of /usr/share/man/man1/lzgrep.1.gz because associated file /usr/share/man/man1/xzgrep.1.gz (of link group lzma) doesn't exist
update-alternatives: warning: skip creation of /usr/share/man/man1/lzegrep.1.gz because associated file /usr/share/man/man1/xzegrep.1.gz (of link group lzma) doesn't exist
update-alternatives: warning: skip creation of /usr/share/man/man1/lzfgrep.1.gz because associated file /usr/share/man/man1/xzfgrep.1.gz (of link group lzma) doesn't exist
Setting up libmpdec2:amd64 (2.4.2-3) ...
Setting up libpython3.8-stdlib:amd64 (3.8.10-0ubuntu1~20.04.8) ...
Setting up python3.8 (3.8.10-0ubuntu1~20.04.8) ...
Setting up libpython3-stdlib:amd64 (3.8.2-0ubuntu2) ...
Setting up python3 (3.8.2-0ubuntu2) ...
running python rtupdate hooks for python3.8...
running python post-rtupdate hooks for python3.8...
Setting up lsb-release (11.1.0ubuntu2) ...
Processing triggers for libc-bin (2.31-0ubuntu9.9) ...

# wget https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64/cuda-keyring_1.1-1_all.deb
--2023-11-27 16:42:48--  https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64/cuda-keyring_1.1-1_all.deb
Resolving developer.download.nvidia.com (developer.download.nvidia.com)... 152.195.19.142
Connecting to developer.download.nvidia.com (developer.download.nvidia.com)|152.195.19.142|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 4328 (4.2K) [application/x-deb]
Saving to: 'cuda-keyring_1.1-1_all.deb'

cuda-keyring_1.1-1_all.deb                                          100%[==================================================================================================================================================================>]   4.23K  --.-KB/s    in 0s      

2023-11-27 16:42:48 (185 MB/s) - 'cuda-keyring_1.1-1_all.deb' saved [4328/4328]

# sudo dpkg -i cuda-keyring_1.1-1_all.deb 
Selecting previously unselected package cuda-keyring.
(Reading database ... 5706 files and directories currently installed.)
Preparing to unpack cuda-keyring_1.1-1_all.deb ...
Unpacking cuda-keyring (1.1-1) ...
Setting up cuda-keyring (1.1-1) ...

# sudo apt-get update
Get:1 https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64  InRelease [1581 B]
Get:2 https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2004/x86_64  Packages [1312 kB]                                    
Hit:3 http://security.ubuntu.com/ubuntu focal-security InRelease          
Hit:4 http://archive.ubuntu.com/ubuntu focal InRelease               
Hit:5 http://archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:6 http://archive.ubuntu.com/ubuntu focal-backports InRelease
Fetched 1313 kB in 0s (2788 kB/s)
Reading package lists... Done

Hit enter too fast, I wanted to add that the only difference between cuda-keyring 1.0 and 1.1 is fixed a bug about it always warning the deprecated GPG key was found. GitHub - NVIDIA/apt-packaging-cuda-keyring: CUDA keyring packaging for Debian

Hi all. Sorry to resurrect, but I think I am having an issue that relates to this. I followed these NVIDIA provided instructions for installing cuDNN 9.0.0, and I am getting this:

# apt update                                                                                           
Get:1 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  InRelease [1572 B]
Err:1 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  InRelease                 
  The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 1D87D57E960825AE
Reading package lists... Done
W: GPG error: file:/var/cudnn-local-repo-ubuntu2204-9.0.0  InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 1D87D57E960825AE
E: The repository 'file:/var/cudnn-local-repo-ubuntu2204-9.0.0  InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

What’s missing on those instructions, and how could I fix this? If this question/topic doesn’t belong to this thread, please feel free to move it. Thanks!

Hi @Fastidious
This blog / thread is about the NVIDIA GPG key for the CDN-hosted network repository, i.e. Index of /compute/cuda/repos/ubuntu2204/x86_64

However, the output posted is for the “offline” local repository installed on the filesystem in /var/ which uses a different key, ephemeral per installer/release.

There is output from dpkg -i that instructs copying the public key, as well as this line on the download page

sudo cp /var/cudnn-local-repo-ubuntu2204-9.0.0/cudnn-*-keyring.gpg /usr/share/keyrings/

That was done, @kmittman, and the output I posted is what we get. Do you recommend bringing this issue to the proper forum category then? In retrospect, I believe cuDNN - NVIDIA Developer Forums is more appropriate.

Following up @Fastidious

docker run -it ubuntu:22.04 /bin/bash -c "apt-get update; apt-get install -y wget gpg ca-certificates sudo; bash"

Slightly modified for verbosity from https://developer.nvidia.com/cudnn-downloads?target_os=Linux&target_arch=x86_64&Distribution=Ubuntu&target_version=22.04&target_type=deb_local

$ wget https://developer.download.nvidia.com/compute/cudnn/9.0.0/local_installers/cudnn-local-repo-ubuntu2204-9.0.0_1.0-1_amd64.deb

$ md5sum cudnn-local-repo-ubuntu2204-9.0.0_1.0-1_amd64.deb 
8b6004e8fa46cdbeef8ca1babb99e616  cudnn-local-repo-ubuntu2204-9.0.0_1.0-1_amd64.deb

$ sudo dpkg -i cudnn-local-repo-ubuntu2204-9.0.0_1.0-1_amd64.deb
Selecting previously unselected package cudnn-local-repo-ubuntu2204-9.0.0.
(Reading database ... 5258 files and directories currently installed.)
Preparing to unpack cudnn-local-repo-ubuntu2204-9.0.0_1.0-1_amd64.deb ...
Unpacking cudnn-local-repo-ubuntu2204-9.0.0 (1.0-1) ...
Setting up cudnn-local-repo-ubuntu2204-9.0.0 (1.0-1) ...

The public cudnn-local-repo-ubuntu2204-9.0.0 GPG key does not appear to be installed.
To install the key, run this command:
sudo cp /var/cudnn-local-repo-ubuntu2204-9.0.0/cudnn-local-960825AE-keyring.gpg /usr/share/keyrings/

$ sudo cp -v /var/cudnn-local-repo-ubuntu2204-9.0.0/cudnn-*-keyring.gpg /usr/share/keyrings/
'/var/cudnn-local-repo-ubuntu2204-9.0.0/cudnn-local-960825AE-keyring.gpg' -> '/usr/share/keyrings/cudnn-local-960825AE-keyring.gpg'
$ sudo apt-get update
Get:1 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  InRelease [1572 B]
Get:1 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  InRelease [1572 B]                                                                
Get:2 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  Packages [3101 B]                                     
Hit:3 http://security.ubuntu.com/ubuntu jammy-security InRelease                                                                    
Hit:4 http://archive.ubuntu.com/ubuntu jammy InRelease                                                   
Hit:5 http://archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:6 http://archive.ubuntu.com/ubuntu jammy-backports InRelease
Reading package lists... Done
$ sudo apt-get install --verbose-versions cudnn
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
   cudnn9 (9.0.0-1)
   cudnn9-cuda-12 (9.0.0.312-1)
   cudnn9-cuda-12-3 (9.0.0.312-1)
   libcudnn9-cuda-12 (9.0.0.312-1)
   libcudnn9-dev-cuda-12 (9.0.0.312-1)
   libcudnn9-samples (9.0.0.312-1)
   libcudnn9-static-cuda-12 (9.0.0.312-1)
The following NEW packages will be installed:
   cudnn (9.0.0-1)
   cudnn9 (9.0.0-1)
   cudnn9-cuda-12 (9.0.0.312-1)
   cudnn9-cuda-12-3 (9.0.0.312-1)
   libcudnn9-cuda-12 (9.0.0.312-1)
   libcudnn9-dev-cuda-12 (9.0.0.312-1)
   libcudnn9-samples (9.0.0.312-1)
   libcudnn9-static-cuda-12 (9.0.0.312-1)
0 upgraded, 8 newly installed, 0 to remove and 45 not upgraded.
Need to get 0 B/902 MB of archives.
After this operation, 2246 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  libcudnn9-cuda-12 9.0.0.312-1 [439 MB]
Get:2 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  libcudnn9-dev-cuda-12 9.0.0.312-1 [34.1 kB]
Get:3 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  libcudnn9-static-cuda-12 9.0.0.312-1 [461 MB]
Get:4 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  cudnn9-cuda-12-3 9.0.0.312-1 [12.4 kB]
Get:5 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  cudnn9-cuda-12 9.0.0.312-1 [12.4 kB]
Get:6 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  libcudnn9-samples 9.0.0.312-1 [1670 kB]
Get:7 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  cudnn9 9.0.0-1 [2442 B]
Get:8 file:/var/cudnn-local-repo-ubuntu2204-9.0.0  cudnn 9.0.0-1 [2418 B]
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libcudnn9-cuda-12.
(Reading database ... 5284 files and directories currently installed.)
Preparing to unpack .../0-libcudnn9-cuda-12_9.0.0.312-1_amd64.deb ...
Unpacking libcudnn9-cuda-12 (9.0.0.312-1) ...
Selecting previously unselected package libcudnn9-dev-cuda-12.
Preparing to unpack .../1-libcudnn9-dev-cuda-12_9.0.0.312-1_amd64.deb ...
Unpacking libcudnn9-dev-cuda-12 (9.0.0.312-1) ...
Selecting previously unselected package libcudnn9-static-cuda-12.
Preparing to unpack .../2-libcudnn9-static-cuda-12_9.0.0.312-1_amd64.deb ...
Unpacking libcudnn9-static-cuda-12 (9.0.0.312-1) ...
Selecting previously unselected package cudnn9-cuda-12-3.
Preparing to unpack .../3-cudnn9-cuda-12-3_9.0.0.312-1_amd64.deb ...
Unpacking cudnn9-cuda-12-3 (9.0.0.312-1) ...
Selecting previously unselected package cudnn9-cuda-12.
Preparing to unpack .../4-cudnn9-cuda-12_9.0.0.312-1_amd64.deb ...
Unpacking cudnn9-cuda-12 (9.0.0.312-1) ...
Selecting previously unselected package libcudnn9-samples.
Preparing to unpack .../5-libcudnn9-samples_9.0.0.312-1_all.deb ...
Unpacking libcudnn9-samples (9.0.0.312-1) ...
Selecting previously unselected package cudnn9.
Preparing to unpack .../6-cudnn9_9.0.0-1_amd64.deb ...
Unpacking cudnn9 (9.0.0-1) ...
Selecting previously unselected package cudnn.
Preparing to unpack .../7-cudnn_9.0.0-1_amd64.deb ...
Unpacking cudnn (9.0.0-1) ...
Setting up libcudnn9-samples (9.0.0.312-1) ...
Setting up libcudnn9-cuda-12 (9.0.0.312-1) ...
Setting up libcudnn9-dev-cuda-12 (9.0.0.312-1) ...
update-alternatives: using /usr/include/x86_64-linux-gnu/cudnn_v9.h to provide /usr/include/cudnn.h (libcudnn) in auto mode
Setting up libcudnn9-static-cuda-12 (9.0.0.312-1) ...
Setting up cudnn9-cuda-12-3 (9.0.0.312-1) ...
Setting up cudnn9-cuda-12 (9.0.0.312-1) ...
Setting up cudnn9 (9.0.0-1) ...
Setting up cudnn (9.0.0-1) ...
Processing triggers for libc-bin (2.35-0ubuntu3.1) ...

Found the issue. The permission for cudnn-local-960825AE-keyring.gpg out of the .deb package is 640. The permission needed is, at least, 644. So, changing permission (chmod 644 /usr/share/keyrings/cudnn-local-960825AE-keyring.gpg) did the trick.