Can't install Webmin from sources.list getting Hash Sum mismatch in 16.04 LTS

Question

Installing Webmin

echo "deb http://download.webmin.com/download/repository sarge contrib" > /etc/apt/sources.list.d/webmin.list
cd /root
wget http://www.webmin.com/jcameron-key.asc
apt-key add jcameron-key.asc
rm jcameron-key.asc
apt-get update && apt-get install webmin -y

root@Ubuntu:~# apt-get install webmin -y
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  apt-show-versions libapt-pkg-perl libauthen-pam-perl libio-pty-perl libnet-ssleay-perl
The following NEW packages will be installed:
  apt-show-versions libapt-pkg-perl libauthen-pam-perl libio-pty-perl libnet-ssleay-perl
  webmin
0 upgraded, 6 newly installed, 0 to remove and 0 not upgraded.
Need to get 28.2 MB/28.6 MB of archives.
After this operation, 159 MB of additional disk space will be used.
Get:1 http://download.webmin.com/download/repository sarge/contrib amd64 webmin all 1.791 [28.2 MB]
Err:1 http://download.webmin.com/download/repository sarge/contrib i386 webmin all 1.791    
  Hash Sum mismatch
Get:1 http://download.webmin.com/download/repository sarge/contrib i386 webmin all 1.791 [28.2 MB]
Err:1 http://download.webmin.com/download/repository sarge/contrib all webmin all 1.791     
  Hash Sum mismatch
Err:1 http://download.webmin.com/download/repository sarge/contrib all webmin all 1.791     
  Hash Sum mismatch
Fetched 49.9 MB in 21s (2,325 kB/s)                                                         
E: Failed to fetch http://download.webmin.com/download/repository/pool/contrib/w/webmin/webmin_1.791_all.deb  Hash Sum mismatch

E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
root@Ubuntu:~#

score 0 · Answer 1 · answered May 10 '16 at 09:47

It may be related to the withdrawal of SHA1 checksums in 16.04

Tomorrow ... APT will see a new release, turning of[f] support for SHA-1 checksums in Debian unstable and in Ubuntu Xenial, the upcoming LTS release. While I have no knowledge of an imminent attack on our use of SHA1, Xenial (Ubuntu 16.04 LTS) will be supported for 5 years, and the landscape may change a lot in the next 5 years. As disabling the SHA1 support requires a bit of patching in our test suite, it’s best to do that now rather than later when we’re forced to do it.

https://juliank.wordpress.com/2016/03/14/dropping-sha-1-support-in-apt/

Can't install Webmin from sources.list getting Hash Sum mismatch in 16.04 LTS

1 Answers1