apt-key Command Reference: Usage, Deprecation & CI Examples
apt-key managed APT trusted keys; it is now deprecated in favor of keyrings.
apt-key added and listed the GPG keys APT uses to verify repositories. It is deprecated on modern Debian/Ubuntu in favor of per-repository keyrings referenced with signed-by.
Common flags and usage
- apt-key add <file>: add a key (deprecated)
- apt-key adv --keyserver ... --recv-keys: fetch a key (deprecated)
- apt-key list / del: list or remove trusted keys
- Modern replacement: write a keyring under /etc/apt/keyrings
- Reference it with signed-by= in the .sources or .list entry
Example
shell
curl -fsSL https://example.com/repo.gpg \
| gpg --dearmor -o /etc/apt/keyrings/example.gpg
echo "deb [signed-by=/etc/apt/keyrings/example.gpg] https://example.com/apt stable main" \
> /etc/apt/sources.list.d/example.listIn CI
On recent images apt-key prints a deprecation warning and may be absent entirely. Prefer the signed-by keyring pattern above so a third-party repository keeps working when apt-key is removed.
Key takeaways
- apt-key is deprecated; modern APT uses per-repo keyrings.
- Dearmor the key into /etc/apt/keyrings and reference it with signed-by.
- New CI images may not ship apt-key at all.
Related guides
apt-get Command Reference: Flags, Usage & CI ExamplesReference for apt-get: update, install, -y, DEBIAN_FRONTEND, --no-install-recommends, and a CI example that i…
dpkg Command Reference: Flags, Usage & CI ExamplesReference for dpkg: -i, -r, -l, -L, -S, --configure, and a CI example that installs a local .deb and fixes de…
apk Command Reference: Flags, Usage & CI ExamplesReference for Alpine apk: add, --no-cache, --virtual, del, and a CI example that installs build dependencies…