[SOLVED] apt-key Deprecation Message

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Locked
astronomad
Level 1
Level 1
Posts: 8
Joined: Mon Jan 31, 2022 7:49 am

[SOLVED] apt-key Deprecation Message

Post by astronomad »

After upgrading to Vanessa (Cinnamon), the system issues following warning messages upon updating with apt update

Code: Select all

Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
W: https://updates.signal.org/desktop/apt/dists/xenial/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://ppa.launchpad.net/costales/folder-color/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://ppa.launchpad.net/deluge-team/stable/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://ppa.launchpad.net/giuspen/ppa/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://ppa.launchpad.net/jonaski/strawberry/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://ppa.launchpad.net/papirus/papirus/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://ppa.launchpad.net/persepolis/ppa/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://ppa.launchpad.net/starws-box/deadbeef-player/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://ppa.launchpad.net/wereturtle/ppa/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://ppa.launchpad.net/yannubuntu/boot-repair/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details
How can this be fixed?
Last edited by LockBot on Sun Feb 12, 2023 11:00 pm, edited 2 times in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
zezollo
Level 1
Level 1
Posts: 2
Joined: Wed Dec 01, 2021 4:46 pm

Re: apt-key Deprecation Message

Post by zezollo »

If anyone looks for a solution, start reading what man apt-key tells in the DEPRECATION section, like advised in the warning messages.

I advise to read the sources I provide at the end of this post.

To summarize: you'll have to
  • export the keys saved in /etc/apt/trusted.gpg in another location (I advise to not put them in /etc/apt/trusted.gpg.d/ despite the advice in the man apt-key and because of the reasons explained there https://askubuntu.com/a/1307181/321299). Caution: the files already in /etc/apt/trusted.gpg.d/ are from linuxmint and ubuntu, do not try to move them.
  • delete all keys belonging to /etc/apt/trusted.gpg
  • edit the matching *.list files located in /etc/apt/sources.list.d/ to tell apt where to look for the gpg keys.
Say, you want to move your files to /etc/apt/keyrings/ (maybe you'll have to sudo mkdir /etc/apt/keyrings/).

First, have a look at the keys:

Code: Select all

sudo apt-key list
The last 8 chars at the end of the "pub" line is the KEY_ID to use below. Export it (to, for instance an app.gpg file):

Code: Select all

sudo apt-key export KEY_ID | sudo gpg --dearmour -o /etc/apt/keyrings/app.gpg
(note: I am not really sure the dearmouring is necessary, but it doesn't seem to cause any trouble), so...)

Remove the key: sudo apt-key del KEY_ID

Edit the relevant app.list file in /etc/apt/sources.list.d/ to insert [signed-by=/etc/apt/keyrings/app.gpg] between deb and the url next to deb. The line may look like this:

Code: Select all

deb [arch=amd64 signed-by=/etc/apt/keyrings/app.gpg] http://url.app.com/APP_GPG_KEY all main
Check sudo update does not show the warning for this app any longer.

If you need to add a key again, do not use apt-key anymore, instead do something like wget -qO- https://myrepo.example/myrepo.gpg | sudo tee /etc/apt/keyrings/myrepo.gpg or wget -qO- https://myrepo.example/myrepo.gpg | sudo gpg --dearmour -o /etc/apt/keyrings/app.gpg. Do not forget to add the [signed-by=/etc/apt/keyrings/app.gpg] option in the relevant app.list file.

Sources: (they provide more informations than this post)
https://askubuntu.com/questions/1403556 ... -04-update
https://askubuntu.com/questions/1286545 ... ed-apt-key
https://unix.stackexchange.com/question ... 853#582853
User avatar
wallaby32
Level 1
Level 1
Posts: 12
Joined: Sun May 22, 2022 3:41 pm
Location: Kentucky
Contact:

Re: apt-key Deprecation Message

Post by wallaby32 »

What a detailed reply. Thank you for the effort!
MdV
Level 1
Level 1
Posts: 1
Joined: Mon Dec 12, 2022 1:42 pm

Re: [SOLVED] apt-key Deprecation Message

Post by MdV »

Most useful. I would have never coped with this issue without your so complete help. Merci beaucoup
wolfpackmars2
Level 1
Level 1
Posts: 11
Joined: Fri May 05, 2017 1:12 pm

Re: [SOLVED] apt-key Deprecation Message

Post by wolfpackmars2 »

tl;dr: The quick fix to the problem is to follow the instructions here: https://askubuntu.com/a/1398346 and then use sudo apt-add-repository ppa:<user>/<ppa-name> in the future when adding new PPAs.

Detailed summary:
After updating your keys, use apt-add-repository to add Ubuntu PPAs going forward. Otherwise, newly imported PPAs will cause the problem to reoccur.

For example:

Code: Select all

sudo apt-add-repository ppa:<user>/<ppa-name>
Per https://unix.stackexchange.com/a/687626. Reference here https://askubuntu.com/a/1398346 for instructions on moving existing keys. The original reference posted above gives a good background of the problem https://askubuntu.com/a/1307181.
Locked

Return to “Other topics”