Ubuntu24新版apt-key

Linux apt-key
发布时间 :
  1. 解决方案:
    1. 1. 找出问题密钥
    2. 2. 导出并转换密钥
    3. 3. 删除旧密钥
    4. 4. 执行验证

在阿里服务器用Ubuntu24根据官方教程安装docker的时候,添加了apt仓库密钥之后,apt update之后弹出如下告警

W: http://mirrors.cloud.aliyuncs.com/docker-ce/linux/ubuntu/dists/noble/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.

这个警告信息表明你的系统正在使用已被弃用的 apt-key 方式管理 APT 仓库密钥。在较新版本的 Debian/Ubuntu 中,推荐将密钥存储在 /etc/apt/trusted.gpg.d/ 目录下,而不是直接放在 /etc/apt/trusted.gpg

解决方案:

1. 找出问题密钥

首先找出是哪个仓库的密钥导致了这个问题:

root@iZcvdz7shuu1wnZ:~# apt-key list
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
/etc/apt/trusted.gpg
--------------------
pub   rsa4096 2017-02-22 [SCEA]
      9DC8 5822 9FC7 DD38 854A  E2D8 8D81 803C 0EBF CD88
uid           [ unknown] Docker Release (CE deb) <docker@docker.com>
sub   rsa4096 2017-02-22 [S]

/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
------------------------------------------------------
pub   rsa4096 2012-05-11 [SC]
      8439 38DF 228D 22F7 B374  2BC0 D94A A3F0 EFE2 1092
uid           [ unknown] Ubuntu CD Image Automatic Signing Key (2012) <cdimage@ubuntu.com>

/etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
------------------------------------------------------
pub   rsa4096 2018-09-17 [SC]
      F6EC B376 2474 EDA9 D21B  7022 8719 20D1 991B C93C
uid           [ unknown] Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>

列出所有存储在旧式密钥环中的密钥。找到对应的密钥(通常通过密钥的最后4-8个字符识别)

2. 导出并转换密钥

看见Docker-CE的密钥后八位是0EBF CD88,执行:

root@iZcvdz7shuu1wnZ:~# apt-key export 0EBFCD88 | gpg --dearmour -o /etc/apt/trusted.gpg.d/docker.gpg
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).

3. 删除旧密钥

转换完成后,你可以安全移除旧密钥:

apt-key del 0EBFCD88
mv /etc/apt/trusted.gpg.d/docker.gpg~ /etc/apt/trusted.gpg.d/docker.gpg

删除之后,系统会把你的/etc/apt/trusted.gpg.d/docker.gpg改成/etc/apt/trusted.gpg.d/docker.gpg~,因为你执行命令的时候系统并不会真的删除掉这些公钥,只是改名了让apt识别不到,这样能保留原文件,防止删错,所以需要把名字改回去

4. 执行验证

root@iZcvdz7shuu1wnZ:~# apt update
Hit:1 http://mirrors.cloud.aliyuncs.com/ubuntu noble InRelease
Hit:2 http://mirrors.cloud.aliyuncs.com/ubuntu noble-updates InRelease
Hit:3 http://mirrors.cloud.aliyuncs.com/ubuntu noble-backports InRelease
Hit:4 http://mirrors.cloud.aliyuncs.com/ubuntu noble-security InRelease
Hit:5 http://mirrors.cloud.aliyuncs.com/docker-ce/linux/ubuntu noble InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
3 packages can be upgraded. Run 'apt list --upgradable' to see them.

告警消失

转载请注明来源

粤ICP备2024346163号 ©2020-2025 David Deng

Built with Hexo and 3-hexo theme