Hi, On Mon, Feb 01, 2021 at 12:42:01PM +0000, Julian Gilbey wrote: > I just stumbled upon an "Ask Ubuntu" discussion, which has a very > clear explanation of (at least some of) the reasons for the > deprecation of apt-key and what to do instead: > https://askubuntu.com/questions/1286545/what-commands-exactly-should-replace-the-deprecated-apt-key/1300076#1300076 > > Logging it here in the hope that it will be of use to others. It's Julian (juliank) who runs this deprecation and I have close to zero interest in third party repositories, so I do not want to bud in on these BUT that linked accepted answer is really not a good answer… at least scroll a bit down and read the others if you really must. In my opinion this isn't something a user has to concern itself with though. The 3rd party repository has to explain how it can be added and incidently that will be and always was at least slightly different for all of them as they are all slightly different in what they provide and how (flat vs. dists repo, binary or ascii key, keyring package or not, name of components, pinning, …). If a repository has no documentation on how to properly use it, I at least wouldn't dare to use it… (but I don't use any, so there is that…). See e.g. https://wiki.debian.org/DebianRepository/UseThirdParty That wiki page says APT isn't supporting ASCII armored keys, but it does nowadays – but as this isn't universally true for all apt versions still in existence/use it's fine for now to pretend otherwise I guess. So, not saying that is a good idea, but to achieve what the accepted answer does without the potential failure modes this has (thanks to particularities with the invocation of gnupg in different versions – which might not even be installed but would need to be for apt-key): $ sudo /usr/lib/apt/apt-helper download-file 'https://download.teamviewer.com/download/linux/signature/TeamViewer2017.asc' /etc/apt/trusted.gpg.d/teamviewer.asc No, I haven't tried it. This is also not an endorsement of that repo, that key or adding it to trusted.gpg.d directly. Using apt-helper as I know that is available while wget/curl/whatever might not. Not that I wouldn't recommend that either – and please don't ask me for some as the only I am comfortable giving is "Don't use 3rd party repos" and that is probably not what anyone reading this wants to hear… Best regards David Kalnischkies
Attachment:
signature.asc
Description: PGP signature