-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathinfo-deprecated-keyring
55 lines (35 loc) · 2.03 KB
/
info-deprecated-keyring
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
This solution is specific to Ubuntu 22.04, with bash 5.2.16. Other distributions and versions may not work.
A one-liner to convert all those deprecated keys to the new format.
PLEASE TAKE THE TIME TO UNDERSTAND WHAT YOU’RE DOING HERE BEFORE RUNNING IT!!
Also make sure your bash is not too old. My bash version: GNU bash, version 5.1.16(1)-release (x86_64-pc-linux-gnu)
#!/bin/bash
for KEY in $(apt-key --keyring /etc/apt/trusted.gpg list | grep -E "(([ ]{1,2}(([0-9A-F]{4}))){10})" | tr -d " " | grep -E "([0-9A-F]){8}\b" ); do K=${KEY:(-8)}; apt-key export $K | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/imported-from-trusted-gpg-$K.gpg; done
# And for those that want something more readable....
for KEY in $( \
apt-key --keyring /etc/apt/trusted.gpg list \
| grep -E "(([ ]{1,2}(([0-9A-F]{4}))){10})" \
| tr -d " " \
| grep -E "([0-9A-F]){8}\b" \
); do
K=${KEY:(-8)}
apt-key export $K \
| sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/imported-from-trusted-gpg-$K.gpg
done
# Explanation:
# Retrieve the list of known keys:
apt-key list
# Find all groupings of hexadecimal characters that have 1 or 2 spaces in front of them, and are 4 characters long. Get the collection of those that have 10 groupings per line. This provides the full key signature.
grep -E "(([ ]{1,2}(([0-9A-F]{4}))){10})"
# Trim away (delete) all spaces on each line found, so that key signature is unbroken by white space:
tr -d " "
# Grab the last 8 characters of each line:
grep -E "([0-9A-F]){8}\b"
# Now we have a collection of key suffixes, each 8 characters in length.
# Cycle through each key suffix, placing the current suffix in the KEY variable:
for KEY in $(…); do
# Assign the last 8 characters to the variable K:
K=${KEY:(-8)};
# Export the key that matches the signature in K and pass/pipe it to gpg to properly store it:
apt-key export $K | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/imported-from-trusted-gpg-$K.gpg
# Loop until all keys are processed.
Special thanks to heynnema (Askubuntu) whose solution is at the core of this.