Sunday, December 25, 2022

Fix Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead in Ubuntu

When adding the Koha repository and its key, you might see a warning; this is a security measure, not a problem.

Starting with Ubuntu 20.10, the use of apt-key yields a warning that the tool will be deprecated in the near future; likewise, add-apt-repository will also soon be deprecated. While these deprecation warnings do not strictly prevent the usage of apt-key and add-apt-repository with Ubuntu 22.04, it is not advisable to ignore them.

The current best practice is to use gpg in place of apt-key and add-apt-repository, and in future versions of Ubuntu, that will be the only option. apt-key and add-apt-repository themselves have always acted as wrappers, calling gpg in the background. Using gpg directly cuts out the intermediary. 

It won't display the warning because the syntax itself adds a file with the name koha.gpg to the trusted.gpg.d directory, so use the following key when installing Koha

sudo wget -O- | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/koha.gpg


You must move the trusted.gpg file with the name koha-trusted.gpg to /etc/apt/trusted.d/ after adding the key.

cd /etc/apt/

sudo mv trusted.gpg koha-trusted.gpg

sudo mv koha-trusted.gpg /etc/apt/trusted.gpg.d/

and continue installing Koha; the same process can be used to install anydesk using a DEB repository.

cd /etc/apt/

sudo mv trusted.gpg anydesk-trusted.gpg

sudo mv anydesk-trusted.gpg /etc/apt/trusted.gpg.d/

No comments:

Post a Comment