W: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details

Question

W: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details

29.2k Views Asked by Jishnu At 20 October 2024 at 21:59

I have installed gazebo on my ubuntu 22.04 LTS following the steps in https://classic.gazebosim.org/tutorials?tut=install_ubuntu via their alternative installation. I am getting the following error when I try to update the packages using sudo apt update

W: http://packages.osrfoundation.org/gazebo/ubuntu-stable/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.

I have tried deleting the key from apt-key list but it gave me additional warning about unable to very the key, since the public key was missing. Is there a way for fixing this warning?

I have referred the a similar solution at Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead but couldn't solve the problem.

Original Q&A

There are 6 best solutions below

Mahmoud Mostafa On 04 December 2023 at 17:20

this way to automate the process for all keys:

sudo apt-key list 2>&1 | grep -E '/(trusted.gpg.d)' -A 3 | grep -v '^--' | grep -v '^pub ' | /bin/sed 's@./trusted.gpg.d/(.)@\1@g' | /bin/awk 'NR%2{printf "%s ",$0;next;}1' | /bin/awk '{print "sudo apt-key export "$10$11" | sudo gpg --dearmour -o /usr/share/keyrings/"$1}' | xargs -I'{}' bash -c "eval '{}'".

Referenced URL: https://askubuntu.com/questions/1398344/apt-key-deprecation-warning-when-updating-system

G Spawn On 19 July 2023 at 19:28

Most daily driver Linux users can just sidestep the warning:

cd /etc/apt
sudo cp trusted.gpg trusted.gpg.d
sudo apt update

This is a current security discussion in Linux so I can only report what's going on at time of writing. System updates for some major Linux distros work on a method where apt-key would store all the authentication keys for all your package repositories in one place. This is convenient, but has some potential security issues. The potential security issues are finally being remedied. However, current proposals for a "fix" are too complex for most users to implement. And if nobody's going to use it, it's not a real fix. In a large distro like Ubuntu you are likely to see a warning such as "apt-key is deprecated" or "Key is stored in legacy...". This is only a warning to prepare you for a future update. Hopefully once security experts decide to enforce this policy, there will be an easy patch for most users (e.g. the next update to apt may quietly "fix" the issue so that warnings will disappear).

Advanced users who actually do things with keys may want to be more careful. Please immediately read and follow a trusted blog post for more info, such as: https://itsfoss.com/apt-key-deprecated/

Omer On 09 February 2024 at 05:34

Follow the following for resolution.

Run the following command to download and add the key:

> curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Open or create the Docker repository file:

> sudo nano /etc/apt/sources.list.d/docker.list

Replace the existing with following.

> deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu bionic stable

Before updating please verify for any duplicate repos,

> sudo apt update

Mathieu J. On 19 October 2022 at 07:40

You can convert your keys from the old apt-key tool to the new apt trusted keys format.

First, you should search for your key ID.

Try apt-key list gazebo, if only ones return, it will be easy. Simply run this command.

apt-key export gazebo | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/gazebo-key.gpg

and that warning will go away

Additionally, you can specify the key file in the source definition. But by default, apt will check all valid keys.

Check this site for an example

https://tecadmin.net/resolved-key-is-stored-in-legacy-trusted-gpg-keyring/

laudarch On 06 November 2022 at 06:42

cd /etc/apt

Followed by:

sudo cp trusted.gpg trusted.gpg.d

Now run a sudo apt update The error shouldn't be showing again

**Jishnu** · Accepted Answer

Recently, I have came across a blog post, which listed different methods to solve this issue in a more general approach. I have used the third one listed in here. The method is simple but a forceful one, but it worked for me. I would like to quote the words in the blog post

It is a forceful method because we are not converting keys but instead directly moving legacy keys to a trusted folder, , it may be not a wise idea still if you are not finding any other quick way for your Legacy key hen here is the one to use:

simple navigate to the key listing folder by using cd command and then use a cp command. you can use the code snippet given below(taken from the blog post).

cd /etc/apt
sudo cp trusted.gpg trusted.gpg.d

Other possible solutions are also listed in the same and you can check those too!

W: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details

There are 6 best solutions below

Related Questions in UBUNTU

Related Questions in WARNINGS

Related Questions in DEPRECATION-WARNING

Related Questions in GAZEBO-SIMU

Related Questions in APT-KEY

Trending Questions

Popular # Hahtags

Popular Questions