Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

apt-key deprecated - use signed-by #272

Open
dnisbet opened this issue Feb 14, 2023 · 0 comments
Open

apt-key deprecated - use signed-by #272

dnisbet opened this issue Feb 14, 2023 · 0 comments
Labels
Feature Request Enhancement to existing functionality or new functionality

Comments

@dnisbet
Copy link

dnisbet commented Feb 14, 2023

Using apt-key gives warnings of deprecation, an often recommended way to specify the key to use is to drop it into /etc/apt/trusted.gpg.d/ which works fine with the current cookbook. However there is a further recommendation to use apt's [signed-by] field (eg https://blog.cloudflare.com/dont-use-apt-key/) but there's no facility in the cookbook to do this.

❔ Possible Solution

A signed-by property detailing the key file that signs for the apt repository.

⤴️ Describe alternatives you've considered

Just use trusted.gpg.d - but this does have it's own caveats, key in that folder is trusted for ALL repo's.
@dnisbet dnisbet added the Feature Request Enhancement to existing functionality or new functionality label Feb 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Feature Request Enhancement to existing functionality or new functionality
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dnisbet