Fixing the apt-key problem in Ubuntu.
Sometimes, especially if you’re into development, you may have to add a source to the package manager. While a lot of packages that you get as a .deb will automatically solve this issue, if you’re unable to directly download a deb file, you’re probably going to be faced with this issue.
The problem
The issue? apt-key is deprecated and will not be included post Ubuntu 22.04 and Debian 11, but a lot of documentation has yet to be updated for the new method. The only part of apt-key that isn’t deprecated is apt-key del to facilitate the ability to remove keys to migrate to the new way of storing keys.
So you may have noticed this when you update, or install a package, but you’ll get the following warning:
W: https://ftp.postgresql.org/pub/pgadmin/pgadmin4/apt/jammy/dists/pgadmin4/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
This is because they key was added like the below:
$ wget — quiet -O — https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -The solution
In order to fix the current issues, we will need to first delete the keys from the keyring for the ones you’re getting errors for. If you’re not getting an error, don’t do anything, because it isn’t broken. That being said, the first step to deleting the key is getting the last 4 of its id by doing this:
$ apt-key listYou don’t need sudo for this. After performing this command you’ll see output like below:
— — — — — — — — — —
pub rsa4096 2017–06–22 [SC]
xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx C33A 7AFF
uid [ unknown] Pop OS (ISO Signing Key) <info@system76.com>
sub rsa4096 2017–06–22 [E]/etc/apt/trusted.gpg.d/cubic-wizard-ubuntu-release.gpg
— — — — — — — — — — — — — — — — — — — — — — — — — — —
pub rsa4096 2015–11–05 [SC]
xxxx xxxx xxxx xxxx xxxx xxxx xxxx xxxx B4F1 283B
uid [ unknown] Launchpad PPA for PJ Singh/etc/apt/trusted.gpg.d/microsoft.gpg
— — — — — — — — — — — — — — — — — —
The id is the 10 segment long line, the one with x’s in (these are numbers, not x’s)
Take the last four numbers and concat them together (so for C33A 7AFF it would be C33A7AFF). Now perform this command:
$ sudo apt-key del xxxxxxxxAgain, the x will be the last 8.
Now the final step is to re-add the key in the new method. It will be similar to the previous, we will only change the part after the bitwise or operator (|) of the command.
$ wget -qO- https://myrepo.example/myrepo.asc | sudo tee
/etc/apt/trusted.gpg.d/myrepo.ascThe key should have the asc description. It also may not allow you to place it in trusted.gpg.d at first so if ends up creating it in /etc/apt instead or your cwd move it to trusted.gpg.d:
$ sudo mv myrepo.asc /etc/apt/trusted.gpg.dYour problem should now be fixed.
