apt key deprecation fix

If you see an apt-key deprecated warning when you run apt update on Ubuntu and want to fix it, you’re in the right place

In this post I walk you (and myself) through the process. See, after I followed the steps to install TeamViewer on Ubuntu I noticed the following error every time I run apt update:

W: https://linux.teamviewer.com/deb/dists/stable/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.

Though undesired, the warning does not prevent updating or upgrading the system. You can ignore it without any ill effect and, for a day or two, so that’s what I did. And if you stick to GUI update methods you won’t hear about the error at all.

But it’s annoying, and hey: the warning is showing for a reason. While I’m not going to get in to the reasons why apt key add was deprecated here (there are some excellent explanations elsewhere on the web) but I am going to show you to solve it.

Fix Apt-Key Deprecation Error

Fixing the apt-key deprecation error on Ubuntu can be done a number of ways.

Method 1: the sensible way

The recommended method from AskUbuntu is as follows. First, open a new Terminal window and then look inside your legacy apt-key file by running this command:

sudo apt-key list

Depending on your system you may see a couple of entries appear or a veritable avalanche.

Scroll through the list carefully. Pay attention to how things are laid out. Find the section that mentions the package listed in the initial warning (if you see multiple warnings you will need to repeat these steps for each one in turn).

In my case I’m looking for the key related to TeamViewer, and it looks like this:

pub rsa4096 2020-01-29 [SC]
8CAE 012E BFAC 38B1 7A93  7CD8 C5E2 2450 0C12 89C0
uid [ unknown] TeamViewer Germany GmbH (TeamViewer Linux 2020) <support@teamviewer.com>

Copy the last 8 characters from the second line — in the example above this is 0C12 89C0 — and convert it to a .gpg file using the command below. Remember to drop the space between the 8 characters and specify a gpg file name that is relevant to the package the key is for.

In my example I had to run:

sudo apt-key export 0C1289C0 | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/teamviewer.gpg

Once you’ve constructed your command hit enter …That’s all you need to do.

When you next run an apt update the deprecated key error will no longer appear for the repo you just applied (though if you have more than one repo affected, you’ll need to repeat the steps above for each one).

Find this method too involved?

Method 2: the quick way

The “recommended” way to fix apt key deprecations errors on Ubuntu is the method detailed above. But there is a “quick and dirty” fix.

While the method below worked for I should stress that a) your milage may vary and b) it’s not the smart way to solve this issue as, depending on the legacy keys on your system, it could compromise your system’s security.

If you’re happy to throw caution to the wind open a new Terminal window and run:

cd /etc/apt

Followed by:

sudo cp trusted.gpg trusted.gpg.d

Enter your password as prompted and hit enter to apply.

When you next run apt update the error in question will no longer appear.

How To apt gpg