Debian Linux - Key is stored in legacy trusted.gpg keyring

dreamuser098 · ‎02-26-2022

When I run "sudo apt update" on my system I get an error about the Dropbox key being stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg) and apt-key being deprecated. I searched google for an hour or so and tried multiple different solutions but can't find anything that works. It seems that the public key needed to verify the "http://linux.dropbox.com/debian/dists/sid/Release.gpg" key is not available. Any ideas?

dreamuser098 · ‎02-27-2022

Thanks! This worked.

For others that run into this problem:

Use a .zip/.tar/.rar extractor to open the .deb file and find the "postinst" file. Open in text editor and copy from "-----BEGIN PGP PUBLIC KEY BLOCK-----" to "-----END PGP PUBLIC KEY BLOCK-----" and save as "dropbox.asc" into the /usr/share/keyrings/ directory. Edit "/etc/apt/sources.list.d/dropbox.list" to read "deb [arch=i386,amd64 signed-by=/usr/share/keyrings/dropbox.asc] http://linux.dropbox.com/debian sid main" or whatever version of Debian you are using. Run apt update. It should not give you an error anymore.

View solution in original post

Здравко · ‎02-27-2022

Hi @dreamuser098,

To be honest I'm not sure what is the exact problem. 'trusted.gpg' still work, despite being deprecated. Most probably this will stay so for the ongoing stable release. Of course, Dropbox is waiting for the application work stop completely and after that to do something, as always.

@dreamuser098 wrote:
... key is not available. ...

The key should be there anyway! Did you install your application?! If not, do it. After that you should be able extract the key and install it anew, wherever you want. Don't forget to add a 'pointer' in /etc/apt/sources.list.d/dropbox.list so the proper key to be pointed and looked for. Skipping this step will make 'entire exercise' something meaningless.

Another way get to the public key is extraction from the package itself (possible before actual install). The public key resides within 'postinst' script of the package. Open the package in an archiver of your choice and open the contained there postinst with a text editor of your choice again. You don't have to look for too much, just scroll little bit down. It's just there. Copy/Paste the text in properly named file; that's it. I'm pasting this text here for your convenience:

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.9 (GNU/Linux)

mQENBEt0ibEBCACv4hZRPqwtpU6z8+BB5YZU1a3yjEvg2W68+a6hEwxtCa2U++4d
zQ+7EqaUq5ybQnwtbDdpFpsOi9x31J+PCpufPUfIG694/0rlEpmzl2GWzY8NqfdB
FGGm/SPSSwvKbeNcFMRLu5neo7W9kwvfMbGjHmvUbzBUVpCVKD0OEEf1q/Ii0Qce
kx9CMoLvWq7ZwNHEbNnij7ecnvwNlE2MxNsOSJj+hwZGK+tM19kuYGSKw4b5mR8I
yThlgiSLIfpSBh1n2KX+TDdk9GR+57TYvlRu6nTPu98P05IlrrCP+KF0hYZYOaMv
Qs9Rmc09tc/eoQlN0kkaBWw9Rv/dvLVc0aUXABEBAAG0MURyb3Bib3ggQXV0b21h
dGljIFNpZ25pbmcgS2V5IDxsaW51eEBkcm9wYm94LmNvbT6JATYEEwECACAFAkt0
ibECGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRD8kYszUESRLi/zB/wMscEa
15rS+0mIpsORknD7kawKwyda+LHdtZc0hD/73QGFINR2P23UTol/R4nyAFEuYNsF
0C4IAD6y4pL49eZ72IktPrr4H27Q9eXhNZfJhD7BvQMBx75L0F5gSQwuC7GdYNlw
SlCD0AAhQbi70VBwzeIgITBkMQcJIhLvllYo/AKD7Gv9huy4RLaIoSeofp+2Q0zU
HNPl/7zymOqu+5Oxe1ltuJT/kd/8hU+N5WNxJTSaOK0sF1/wWFM6rWd6XQUP03Vy
NosAevX5tBo++iD1WY2/lFVUJkvAvge2WFk3c6tAwZT/tKxspFy4M/tNbDKeyvr6
85XKJw9ei6GcOGHD
=5rWG
-----END PGP PUBLIC KEY BLOCK-----

Hope this helps.

dreamuser098 · ‎02-27-2022

Thanks! This worked.

For others that run into this problem:

Use a .zip/.tar/.rar extractor to open the .deb file and find the "postinst" file. Open in text editor and copy from "-----BEGIN PGP PUBLIC KEY BLOCK-----" to "-----END PGP PUBLIC KEY BLOCK-----" and save as "dropbox.asc" into the /usr/share/keyrings/ directory. Edit "/etc/apt/sources.list.d/dropbox.list" to read "deb [arch=i386,amd64 signed-by=/usr/share/keyrings/dropbox.asc] http://linux.dropbox.com/debian sid main" or whatever version of Debian you are using. Run apt update. It should not give you an error anymore.

DATAMAR · ‎04-10-2022

Thanks. This works like a charm in Ubuntu 22.04.

oscarmotaarq · ‎04-26-2022

It works on Ubuntu 22.04! Despite of the fact that in my terminal puts Ubuntu instead of Debian, but it's quite the same thing.

mikbuch · ‎07-30-2022

dreamuser098's solution worked for me on Ubuntu 22.04 (jammy), however, I had to leave "sid" in:

deb [arch=i386,amd64 signed-by=/usr/share/keyrings/dropbox.asc] http://linux.dropbox.com/debian sid main

with "jammy" I got the following error during "sudo apt-get update":

Err:13 http://linux.dropbox.com/debian jammy Release                                                  
  404  Not Found [IP: 52.84.106.116 80]

Thanks anyway for this solution!

chelmite · ‎11-11-2022

I tried this procedure in Ubuntu 22.10, but got the following:

Err:10 http://linux.dropbox.com/debian kinetic Release
404 Not Found [IP: 18.154.144.59 80]

Здравко · ‎11-11-2022

@chelmite wrote:
I tried this procedure in Ubuntu 22.10, but got the following:
Err:10 http://linux.dropbox.com/debian kinetic Release
404 Not Found [IP: 18.154.144.59 80]

Hi @chelmite,

2 things!

Try with secure HTTP - replace leading http: to https: 😉
Next, Ubuntu' "kinetic" release (it's not Debian's as seems you think) is not yet added to Dropbox. Only Debian's "buster", "jessie", "sid", and "stretch" are there and Ubuntu's "artful", "bionic", "cosmic", "disco", "trusty", "utopic", "vivid", "wily", "xenial", "yakkety", and "zesty".

Good luck.

PS: They all are the same... use someone of the available. Also, there is not "Release", but "main" Dropbox repository component.

clesiopof · ‎08-20-2023

This worked for me, just updating an old script to find all keys

"sudo ls >/dev/null && if [ 1 ]; then
sudo apt update 2>&1 | grep NO_PUBKEY | sed -e 's?^.*NO_PUBKEY ??' \
| while read _hash; do
wget -O- "http://keyserver.ubuntu.com/pks/lookup?op=get&search=0x${_hash}" \
| gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/${_hash}.gpg;
done
fi"

Debian Linux - Key is stored in legacy trusted.gpg keyring

Debian Linux - Key is stored in legacy trusted.gpg keyring

Top contributors to this post