I recently installed an Ubuntu 21.04 and when I wanted to install Atom editor, I was given the following warning about
apt-key being deprecated:
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
After a bit of Googling around, I stumbled on this post on askubuntu.com explaining why apt-key was being deprecated.
Then the folks at docker.com give a nice easy command to convert an old PGP key in base64 to a keyring.
So here are the commands if you wonder. I will assume it’s your first key.
sudo mkdir /etc/apt/local.trusted.gpg.d cd /etc/apt/local.trusted.gpg.d curl https://packagecloud.io/AtomEditor/atom/gpgkey > AtomEditor.key cat AtomEditor.key | sudo gpg --dearmor --output AtomEditor.gpg
We first create a new directory to store our local keys, it is important to separate them from the keys trusted by apt for everything (which are in
Then we download the current key in base64 format.
And then we export that keyring to a gpg file format.
Without these steps, apt will not understand the key file.
Then add the new repository to
/etc/apt/sources.list.d almost as usual:
sudo sh -c 'echo "deb [arch=amd64 signed-by=/etc/apt/local.trusted.gpg.d/AtomEditor.gpg] https://packagecloud.io/AtomEditor/atom/any/ any main" > /etc/apt/sources.list.d/atom.list'
The key difference is the new option
signed-by which references the key. This allows this particular key to only be trusted for Atom repository.