Apparently apt-key
is deprecated because its design contains a security risk.
The solution is to download the key and store it in a location writable only by the root and then to manually create a sources.list
entry with the signed-by
option.
For example, to install chrome we can do:
sudo wget -O- https://dl.google.com/linux/linux_signing_key.pub \
| gpg --dearmor \
| sudo tee /usr/share/keyrings/google-chrome.gpg >> /dev/null
echo deb [arch=amd64 signed-by=/usr/share/keyrings/google-chrome.gpg] \
http://dl.google.com/linux/chrome/deb/ stable main \
| sudo tee /etc/apt/sources.list.d/google-chrome.list >> /dev/null
sudo apt update
sudo apt install google-chrome-stable -y
The problem with this solution is that I cannot find the Dropbox signing key.
Dropbox help centre mentions a key for Fedora, but not Ubuntu:
https://linux.dropbox.com/fedora/rpm-public-key.asc
It all seems quite complicated. Are there some fool-proof, safe, non-deprecated ways to install Dropbox?
0 Answers