答案1
与字符串一样列出apt
键:root
spotify
# apt-key list 2>&1 | grep -i spotify -B 2
删除,但最新的密钥为:
# apt-key del <keyid>
在我的案例中,输出示例:
pub rsa4096 2018-05-23 [SC] [expires: 2019-08-16]
931F F8E7 9F08 7613 4EDD BDCC A87F F9DF 48BF 1C90
uid [ unknown] Spotify Public Repository Signing Key <[email protected]>
--
uid [ unknown] Microsoft (Release signing) <[email protected]>
/etc/apt/trusted.gpg.d/spotify-2017-07-25-341D9410.gpg
--
pub rsa4096 2017-07-25 [SC] [expired: 2018-07-25]
0DF7 31E4 5CE2 4F27 EEEB 1450 EFDC 8610 341D 9410
uid [ expired] Spotify Public Repository Signing Key <[email protected]>
/etc/apt/trusted.gpg.d/spotify-2018-05-23-48BF1C90.gpg
--
pub rsa4096 2018-05-23 [SC] [expires: 2019-08-16]
931F F8E7 9F08 7613 4EDD BDCC A87F F9DF 48BF 1C90
uid [ unknown] Spotify Public Repository Signing Key <[email protected]>
提示:您可以使用指纹来删除密钥:
# apt-key del "0DF7 31E4 5CE2 4F27 EEEB 1450 EFDC 8610 341D 9410"
答案2
要列出用于签署您关心的存储库的所有密钥,您应该询问 GnuPG。首先清除 Release
缓存中的所有文件(以消除陈旧文件):
sudo rm /var/lib/apt/lists/*_{InRelease,Release,Release.gpg}
然后更新它们:
sudo apt update
最后,提取用于签名的密钥:
(for file in /var/lib/apt/lists/*_InRelease; do gpg --verify $file; done; for file in /var/lib/apt/lists/*_Release.gpg; do gpg --verify $file ${file%.gpg}; done) |& grep "using .* key" | sort -u
并将该列表与输出进行比较
apt-key list
以确定哪些键是不必要的。