How to fix the apt-key deprecated warning in Ubuntu? Allow me to paint the picture for you. It is time to update or upgrade your Linux desktop or server, which is something that must be done on a consistent and regular basis. You launch the terminal window and run the apt-get update command, only to have the following warning prompt appear on the screen:
The key is saved in the legacy trusted.gpg keyring (/etc/apt/trusted.gpg); for more information, refer to the DEPRECATION section of the apt-key(8) man page.
The apt-key command has been deprecated for quite some time, and it is quite likely that it will stop functioning properly at some point in the future. However, the warning that was just displayed will not prevent you from running the update. One of the reasons why apt-key has been deprecated is because it had the potential to result in the system accepting signatures from third-party keyholders for all other repositories configured on your system that do not have a signed-by option. This is one of the reasons why apt-key has been deprecated.
If something like that were to occur, any unofficial apt repository that had a signing key added to /etc/apt/trusted.gpg or /etc/apt/trusted.gpg.d would be able to replace any package that was currently installed on the system. Should a third-party repository contain malicious code, this could result in serious security issues in the future.
There are two distinct approaches to resolving this issue.
How to fix the apt-key error in the most efficient way possible.
Because it is manual and requires you to go through your list of keys one at a time, the first approach will take you a little bit of time to complete. Here are the steps:
Launch a window for the terminal and type in the following command:
sudo apt-key list
This will result in multiple entries, the number of which is proportional to the number of sources that you have added to the system and has the following format:
pub rsa4096 2022-01-31 [SC] [expires: 2024-01-31]
uid: DF44 CF0E 1930 9195 C106 9AFE 6299 3C72 4218 647E DF44 CF0E 1930 9195 C106 9AFE 4218 647E DF44 CF0E 1930 9195 C106 9A Vivaldi Package Composer KEY08 <[email protected]>
sub rsa4096 2022-01-31 [E] [expires: 2024-01-31
In order to fix the issue, you will first need to copy the last eight characters of the second line (in the example given above, this would be 4218647E), and then you will need to run the following command:
Using the command sudo apt-key export 4218647E followed by sudo gpg –de armour -o /etc/apt/trusted.gpg.d/vivaldi.gpg, you can export your apt-key.
It is essential to modify not only the last eight digits of the key but also the name at the very end of the key in order to match it. As you can see, the key that I’m attempting to repair is Vivaldi’s.
You are going to need to perform this for each and every key that gives you the apt-key warning. You will be presented with the same warning, but the reason for this is that you are piping the output of the apt-key command to the gpg –de armor command. When you have completed correcting each item, you will no longer see the warning when you run apt-key update.
How to quickly fix the apt-key problem and get back to work.
The time it takes to complete the previous approach is directly proportional to the number of keys that contain errors. This can be accomplished in a more expedient manner. Nevertheless, this approach isn’t officially suggested, and using it could result in complications. Before attempting this, it is strongly suggested that you perform a trial run on a computer that is not used for production, or at the least, create a backup or take a snapshot of your virtual machine, if that is how you install Linux.
To fast resolve the issue, please perform the following steps:
Launch a window for the terminal.
Use the command cd /etc/apt to move into the apt directory.
Use the command sudo cp trusted.gpg trusted.gpg.d to copy the trusted.gpg file into the trusted.gpg.d directory.
The aforementioned approach, which I’ve found to be ineffective on some machines, is not one of those. For example, if you are using Jammy Jellyfish (Ubuntu 22.04), you will not find the file trusted. gpg in the /etc/apt directory; nevertheless, you will find the file trusted.gpg.d. If such is the case, then you will have to carry out the tasks the old-fashioned way.
In either case, you need to perform this fix as soon as possible because, at some time in the future, the apt-key will stop functioning properly. In the event that this occurs, you may discover that your Ubuntu Servers and Desktops are unable to update or upgrade, which is something that you most definitely do not want to happen. Upgrades are essential to maintaining the safety of Linux instances that are now running, therefore make sure that this warning is resolved so that you do not run into problems in the future.