Tavinus

I like snippets…

2 minute read

This works for any “legacy” repository that gives the warning

W: https://download.mono-project.com/repo/ubuntu/dists/stable-focal/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.

We will also fix the arch notice

N: Skipping acquire of configured file ‘main/binary-i386/Packages’ as repository ‘https://download.mono-project.com/repo/ubuntu stable-focal InRelease’ doesn’t support architecture ‘i386’

This example will show how to fix the mono-project repository on Ubuntu / Pop!_OS, but you can adapt it to any repository with the same issues.

Locate problematic key

First we need to know what is the mono key in the keyring. I had some trouble to find it, since the name is not obvious in this case. So I went back to the download instructions to be sure.

You can list the keys with

$ sudo apt-key list
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
/etc/apt/trusted.gpg
--------------------
pub   rsa4096 2017-06-22 [SC]
      63C4 6DF0 140D 7389 6142  9F4E 204D D8AE C33A 7AFF
uid           [ unknown] Pop OS (ISO Signing Key) <info@system76.com>
sub   rsa4096 2017-06-22 [E]

pub   rsa2048 2017-12-19 [SC] [expires: 2023-12-17]
      D563 11E5 FF3B 6F39 D5A1  6ABE 18DF 3741 CDFF DE29
uid           [ unknown] philandro Software GmbH <info@philandro.com>
sub   rsa2048 2017-12-19 [E] [expires: 2023-12-17]

pub   rsa2048 2014-08-04 [SC]
      3FA7 E032 8081 BFF6 A14D  A29A A6A1 9B38 D3D8 31EF
uid           [ unknown] Xamarin Public Jenkins (auto-signing) <releng@xamarin.com>
sub   rsa2048 2014-08-04 [E]

We are interested in this first block, which shows the keys in /etc/apt/trusted.gpg.

The mono-project key is the Xamarin Public Jenkins key.

This is how the installation instructions shows it

sudo apt install gnupg ca-certificates
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
echo "deb https://download.mono-project.com/repo/ubuntu stable-focal main" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list
sudo apt update

Note that the key is the same from the list above

Export key

Now we export the key using the last 8 digits of the key

sudo apt-key export D3D831EF | sudo gpg --dearmour -o /usr/share/keyrings/mono.gpg

If you are doing this for other software, change the key value and the gpg file name above

Edit repository

Now we edit the repository file.

sudo nano /etc/apt/sources.list.d/mono-official-stable.list

We will add the signed-by tag for the key, as well as the arch tag to remove the warning about it not having i386 packages.

Note: If you need i386 packages, just don’t add the arch=amd64 part, but you may need to add trusted=yes as mentioned in my other post. However, they do not build for i386 anymore because Ubuntu does not include the needed packages for that anymore.

deb [arch=amd64 signed-by=/usr/share/keyrings/mono.gpg] https://download.mono-project.com/repo/ubuntu stable-focal main

Delete key from trusted.gpg

sudo apt-key del D3D831EF

Check

Now we just check if all is fine

sudo apt update

This should run without errors or warnings now

Cheers! 🍻

Comments

You May Also Enjoy

Fix Windows Boot - UEFI

2 minute read

TavBlog - How to fix windows boot if your EFI partition got corrupted.