Hi Eike,
it is not that easy and sadly this does not work. I copied the Release.gpg to
/etc/apt/
trusted.gpg.d/ and renamed it to "debian-archive-bullseye-stable.gpg".
I also get lots of errors, since bullseye chaged something. Please see:
-------------------- snip -----------------------------
LANG=C aptitude update
Hit http://deb.debian.org/debian-security bullseye-security InRelease
Hit http://download.opensuse.org/repositories/home:/cabelo/Debian_10 InRelease
Hit http://downloads.metasploit.com/data/releases/metasploit-framework/apt
lucid
InRelease
Hit https://deb.opera.com/opera-stable stable InRelease
Err https://ftp.de.debian.org/debian stable InRelease
Certificate verification failed: The certificate is NOT trusted. The name in
the certificate
does not match the expected. Could not handshake: Error in the certificate
verification.
[IP: 141.76.2.4 443]
Hit https://updates.signal.org/desktop/apt xenial InRelease
Hit https://download.opensuse.org/repositories/home:/tabos-team/Debian_10
InRelease
Hit https://www.kismetwireless.net/repos/apt/release/buster buster InRelease
W: http://deb.debian.org/debian-security/dists/bullseye-security/InRelease: The
key(s) in
the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-stable.gpg are
ignored as the
file has an unsupported filetype.
W: http://download.opensuse.org/repositories/home:/cabelo/Debian_10/InRelease:
The
key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-stable.gpg
are
ignored as the file has an unsupported filety
pe.
W:
http://downloads.metasploit.com/data/releases/metasploit-framework/apt/dists/lucid/
InRelease: The key(s) in the keyring
/etc/apt/trusted.gpg.d/debian-archive-bullseye-
stable.gpg are ignored as the file has an
unsupported filetype.
W: https://deb.opera.com/opera-stable/dists/stable/InRelease: The key(s) in the
keyring /
etc/apt/trusted.gpg.d/debian-archive-bullseye-stable.gpg are ignored as the
file has an
unsupported filetype.
W: https://updates.signal.org/desktop/apt/dists/xenial/InRelease: The key(s) in
the keyring
/etc/apt/trusted.gpg.d/debian-archive-bullseye-stable.gpg are ignored as the
file has an
unsupported filetype.
W:
https://download.opensuse.org/repositories/home:/tabos-team/Debian_10/InRelease:
The key(s) in the keyring
/etc/apt/trusted.gpg.d/debian-archive-bullseye-stable.gpg are
ignored as the file has an unsupported filetype.
W:
https://www.kismetwireless.net/repos/apt/release/buster/dists/buster/InRelease:
The
key(s) in the keyring /etc/apt/trusted.gpg.d/debian-archive-bullseye-stable.gpg
are
ignored as the file has an unsupported filetype.
W: Failed to fetch https://ftp.de.debian.org/debian/dists/stable/InRelease:
Certificate
verification failed: The certificate is NOT trusted. The name in the
certificate does not
match the expected. Could not handshake: Error in the certificate
verification. [IP:
141.76.2.4 443]
W: Some index files failed to download. They have been ignored, or old ones
used
instead.
--------------- snap --------------------
It looks like the other prior working keys now also do no more match.
Is there a solution for it? Tried also gpg --export, but did not work, too.
Best regards
Hans (DL4OCJ)
> Hi Hans!
> Hope you are well
>
>
> 1) you need to copy the keys into /etc/apt/trusted.gpg.d
> there is no apt-keyring package anymore
>
> see here:
>
> *5.3.2. Deprecated components for bullseye*
> With the next release of Debian 12 (codenamed bookworm) some features will
> be deprecated. Users will need to migrate to other alternatives to prevent
> trouble when updating to Debian 12.
> This includes the following features:
> * The historical justifications for the filesystem layout with */bin*,
> */sbin*, and */ lib* directories separate from their equivalents under
> */usr* no longer apply today; see the Freedesktop.org summary[1]. Debian
> bullseye will be the last Debian release that supports the non-merged-usr
> layout; for systems with a legacy layout that have been upgraded without a
> reinstall, the *usrmerge* package exists to do the conversion if desired.
> * bullseye is the final Debian release to ship *apt-key*. Keys should
> be managed by dropping files into */etc/apt/trusted.gpg.d* instead, in
> binary format as created by *gpg -- export* with a *.gpg* extension, or
> ASCII armored with a *.asc* extension. A replacement for *apt-key list* to
> manually investigate the keyring is planned, but work has not started yet.
signature.asc
Description: This is a digitally signed message part.
