
Re: apt-key deprecated



On 12/01/2021 06:47, Erwan David wrote:
> Hello,
> to install signal desktop client, I followed their instructions, which
> is to add their repository and, obviously, their key.
>
> However, I got a warning
> Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d
> instead (see apt-key(8)).
>
> But how to do this?
>
> man apt-key says :
> Note: Instead of using this command a keyring should be placed
> directly in the /etc/apt/trusted.gpg.d/ directory with a descriptive
> name and either "gpg" or "asc" as file extension.
>
> So the question is how can I get a keyring file from the key file I
> downloaded?


The way I've been adding repos (following some advice on this mailing
list some time ago) is basically:

$ wget http://example.com/repo.asc
$ gpg --dearmor repo.asc	# creates repo.asc.gpg
$ mv repo.asc.gpg /etc/apt/trusted.gpg.d/repo.gpg
$ sensible-editor /etc/apt/sources.list.d/repo.list
  deb [signed-by=/etc/apt/trusted.gpg.d/repo.gpg] http://example.com/repo stable main

For the record, the advantage of doing this is that the GPG key can only
validate packages coming from that repo; it can't validate any other
repo (whereas keys in apt-key apply to ALL sources, potentially allowing
cross-contamination).


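An added example, not part of the original message: apt treats every keyring under /etc/apt/trusted.gpg.d/ as trusted for all sources, so signed-by only confines a key to one repo when the keyring file is stored outside that directory. The script below audits one-line source entries for this. The function names, the sample lines and the /usr/share/keyrings path are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: classify one-line APT source entries read from stdin.
#   SCOPED    signed-by names a keyring file outside the global trust store
#   GLOBAL    signed-by names a file under /etc/apt/trusted.gpg(.d) or a
#             fingerprint, so apt also accepts that key for every other source
#   UNSCOPED  no signed-by: any globally trusted key can validate this repo
audit_sources() {
    awk '
    $1 == "deb" || $1 == "deb-src" {
        status = "UNSCOPED"; key = "-"; rest = $0
        lb = index($0, "["); rb = index($0, "]")
        # An option group, if present, directly follows the entry type.
        if ($2 ~ /^\[/ && rb > lb) {
            n = split(substr($0, lb + 1, rb - lb - 1), opt, " ")
            for (i = 1; i <= n; i++)
                if (opt[i] ~ /^signed-by=/) key = substr(opt[i], 11)
            rest = substr($0, 1, lb - 1) " " substr($0, rb + 1)
        }
        if (key != "-") {
            # Fingerprints (no leading slash) are looked up in the global store.
            if (key ~ /\/etc\/apt\/trusted\.gpg/ || key !~ /^\//)
                status = "GLOBAL"
            else
                status = "SCOPED"
        }
        split(rest, f, " ")          # f[1] = type, f[2] = repository URI
        print status, key, f[2]
    }'
}

# Constructed sample input; the second keyring path is an assumed location
# outside the global trust store.
sample_sources() {
    cat <<'EOF'
deb [signed-by=/etc/apt/trusted.gpg.d/repo.gpg] http://example.com/repo stable main
deb [arch=amd64 signed-by=/usr/share/keyrings/repo.gpg] http://example.com/repo stable main
deb http://deb.debian.org/debian stable main
# deb [signed-by=/tmp/x.gpg] http://example.org/old stable main
EOF
}

sample_sources | audit_sources
```

To audit a real system, pipe the files themselves through the function, for example: cat /etc/apt/sources.list /etc/apt/sources.list.d/*.list | audit_sources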