[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#990086: apt-key is deprecated in bullseye, how to manage keys instead

Package: release-notes
X-Debbugs-Cc: debian-user@lists.debian.org, apt@packages.debian.org

On Sb, 19 iun 21, 22:07:35, Marco Möller wrote:
> Command apt-key and its man page say that apt-key is deprecated, but do not
> suggest an instead recommended tool. It is only mentioned that keys would
> now be organized in /etc/apt/trusted.gpg.d/  . But how should I manage the
> keys saved there, for instance how to update them, or what tool of the
> Debian distribution is managing them there for the apt functionality of the
> Debian OS?

As far as I understand it's as simple as dropping the keys in there. 

When a key changes/expires/etc. replace it with the new one (if provided 
by the respective repository).

> Guiding me to a properly up-to-date documentation about this topic would be
> welcome!

Indeed the documentation on this is a bit scarce, probably worth a 
mention in the Release Notes.

Dear APT maintainers,

The short version appears to be this note to the 'add' command from 

    Note: Instead of using this command a keyring should be placed 
    directly in the /etc/apt/trusted.gpg.d/ directory with a descriptive 
    name and either "gpg" or "asc" as file extension.

where .gpg files are of type created with 'gpg --export' and .asc with
'gpg --armor --export'.

Your confirmation (or even better, proposes wording) would be much 

Kind regards,

Attachment: signature.asc
Description: PGP signature

Reply to: