update on the apt-key transition

Julian Andres Klode julian.klode at canonical.com
Fri Jan 21 15:53:14 UTC 2022

Hi all,

I just wanted to give a heads up on the apt-key deprecation. As
you should know by now, apt-key will last be available in 22.04.

To prevent people from having leftover keys in trusted.gpg that
they can't easily remove, apt will soon start to 

- verify keys using trusted.gpg.d only.
- If this fails, it will retry with trusted.gpg
- If that succeeded, it will print a warning at the end of the
  run that trusted.gpg was needed to verify the repository and
  instruct you migrate the key, pointing at documentation, and
  hinting at signed-by.

This work is happening in merge request 209:


(note that the message does not contain proper hints at
 the docs and signed-by yet)

In 22.10 I expect to complete the transition by removing the
apt-key executable, and removing the fallback to trusted.gpg
from apt. At the beginning of the cycle would probably be
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer                              i speak de, en

More information about the ubuntu-devel mailing list