I am attempting to add a private repository to my sources.list
using the add-apt-repository
command, but I do not have access to the public key that corresponds to that package repository.
If I try to add the repository normally
sudo add-apt-repository "deb http://my-private-server.test $(lsb_release -s -c) main"
I have problems with the public key not being available (as I expect)
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY <pubkey>
Reading package lists... Done
W: GPG error: https://my-private-server.test bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY <pubkey>
E: The repository 'http://my-private-server.test bionic InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
I would like to mark that I trust the repository, but if I try to add the repository with [trusted=yes]
added, if I look in my sources.list, it has been stripped from the entry.
sudo add-apt-repository "deb [trusted=yes] http://my-private-server.test $(lsb_release -s -c) main"
tail /etc/apt/sources.list
deb http://my-private-server.test bionic main
# deb-src http://my-private-server bionic main
If I add [arch=amd64]
instead of [trusted=yes]
, it appears correctly in sources.list
. If I manually add [trusted=yes]
to sources.list
the error that comes from the repository not being signed no longer appears, but I do not want to have to manually edit the file.
What is the correct way to add a trusted repository with add-apt-repository
?