Ubuntu: apt error message “Key is stored in legacy trusted.gpg keyring”

After upgrading to Ubuntu 22.04 running apt shows an error message saying “Key is stored in legacy trusted.gpg keyring“:

# apt update

All packages are up-to-date.
W: https://apt.syncthing.net/dists/syncthing/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.

The key needs to be exported from the legacy keyring and then imported back to the current system.

List the keys and find the key ID of the repository that is showing the error. In this case it is Syncthing.

# apt-key list

pub   rsa2048 2014-12-29 [SC]
      37C8 4554 E7E0 A261 54E7  6E1E D26E 6ED0 0065 5A3E
uid           [ unknown] Syncthing Release Management <release@syncthing.net>
sub   rsa2048 2014-12-29 [E]


Copy the last 8 characters of the key (00655A3E) and export it.

# apt-key export 00655A3E | gpg --dearmour -o /usr/share/keyrings/syncthing.gpg

Update the source file for the repository adding the exported key.

# vim /etc/apt/sources.list.d/syncthing.list

deb [arch=amd64 signed-by=/usr/share/keyrings/syncthing.gpg] https://apt.syncthing.net/ syncthing stable #Syncthing

Confirm that the error message is no longer showing.

# apt update

Hit:5 https://apt.syncthing.net syncthing InRelease                                                     
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up-to-date.

Finally, remove the old signature.

# apt-key del 00655A3E
image_printPrint this page

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.