Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg)

The easy way to fix these warning messages generated by sudo apt update...

W: https://linux.teamviewer.com/deb/dists/stable/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://apt.keepsolid.com/ubuntu/dists/groovy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://linux.dropbox.com/ubuntu/dists/disco/Release.gpg: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://download.virtualbox.org/virtualbox/debian/dists/hirsute/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://download.opensuse.org/repositories/home:/IBBoard:/cawbird/xUbuntu_22.04/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://ppa.launchpad.net/solaar-unifying/stable/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://ppa.launchpad.net/team-xbmc/ppa/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: http://ppa.launchpad.net/yannubuntu/boot-repair/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.

Note: These warning messages can be generated by any enabled repo or ppa in Software & Updates "Other Software" tab.

Example fix:

For this warning message with sudo apt update...

W: http://ppa.launchpad.net/team-xbmc/ppa/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.

We look in sudo apt-key list and find this entry for xbmc...

pub   rsa1024 2009-01-20 [SC]
      1897 01DA 570C 56B9 488E  F60A 6D97 5C47 91E7 EE5E
uid           [ unknown] Launchpad PPA for XBMC for Linux

Then we convert this entry to a .gpg file, using the last 8 numeric characters from above...

sudo apt-key export 91E7EE5E | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/team-xbmc.gpg

Repeat the above commands for each warning message generated by sudo apt update.

Note: Partially taken from the accepted answers here and here.

Came across this problem after moving to 22.04 and wanted to add my solution. I had a lot of keys that needed to be updated/converted. This is not an optimal solution, but works well.

A one-liner to convert all deprecated keys to the new format.

PLEASE TAKE THE TIME TO UNDERSTAND WHAT YOUR DOING HERE BEFORE RUNNING IT!! Also make sure your bash is not too old. My bash version: GNU bash, version 5.1.16(1)-release (x86_64-pc-linux-gnu)

for KEY in $( \
    apt-key list \
    | grep -E "(([ ]{1,2}(([0-9A-F]{4}))){10})" \
    | tr -d " " \
    | grep -E "([0-9A-F]){8}\b" \
); do
    K=${KEY:(-8)}
    apt-key export $K \
    | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/imported-from-trusted-gpg-$K.gpg
done

Explanation:

1. Retrieves the list of known keys.

apt-key list

2. Find the all grouping of hexadecimal characters that have 1 or 2 spaces in front, and are 4 characters long. Get the collection of those that have at 10 groupings per line. This provides the full key signature.

grep -E "(([ ]{1,2}(([0-9A-F]{4}))){10})"

3. Trim away(delete) all spaces on each line found, so that key signature is unbroken by white spaces.

tr -d " "

4. Grab the last 8 characters of each line.

grep -E "([0-9A-F]){8}\b"

Now we have a collection of key suffixes, each 8 characters in length.

5. Cycle through each key suffix, placing the current suffix in the KEY variable.

for KEY in $(…); do

6. Assign the last 8 characters to the variable K

K=${KEY:(-8)};

7. Export the key that matches the signature in K and pass/pipe it to gpg to properly store it.

apt-key export $K | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/imported-from-trusted-gpg-$K.gpg

8. Loop until all keys are processed.

done

9. Enjoy no more deprecation warnings.

Special thanks to heynnema whose solution is at the core of this.

What worked for me was:

mv /etc/apt/trusted.gpg /etc/apt/trusted.gpg.d/

I've turned @heynnema's answer into a function, which you can place under .bashrc for convenience. This takes two arguments: the key (last 8 characters) and the destination filename for the output GPG file.

function apt-key-migrate {
  typeset key="$1"
  typeset dest="$2"

  if [ -z "$key" ] || [ -z "$dest" ];
  then
    echo "Usage: apt-key-migrate <key> <destination>"
    return 1
  fi

  sudo apt-key export $key | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/$dest.gpg
}

Example: apt-key-migrate 91E7EE5E team-xbmc

apt-key is deprecated and shall be replaced on the long run on Ubuntu 22.04.

When you need it, you may delete existing key with:

apt-key list

and

apt-key del YOUR-KEY

Import your key with command like:

curl https://yourrepo.com/repo.key | gpg --dearmor | sudo dd of=/usr/local/share/keyrings/your-repo.gpg

Add the signature to /etc/apt/sources.list.d/your.list

deb [signed-by=/usr/local/share/keyrings/your-repo.gpg]  https://yourepo./ubuntu jammy main

More details on the manual:
link

Good details here as well: link

I modified the @Frank's function to remove the key from the legacy trusted.gpg to avoid duplication.

function apt-key-migrate {
    typeset key="$1"
    typeset dest="$2"

    if [ -z "$key" ] || [ -z "$dest" ];
    then
        echo "Usage: apt-key-migrate <key> <destination>"
        return 1
    fi

    sudo apt-key --keyring /etc/apt/trusted.gpg export $key | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/$dest.gpg
    sudo apt-key --keyring /etc/apt/trusted.gpg del $key
}