Ubuntu 24.04: PPA: "Signature by key 98703123E0F52B2BE16D586EF13930B14BB9F05F uses weak algorithm (rsa1024)"
sanderjo opened this issue · comments
SABnzbd version
ppa
Operating system
Ubuntu 24.04
Using Docker image
None
Description
On a fresh install of Ubuntu 24.04 on an Intel i7, I get
W: https://ppa.launchpadcontent.net/jcfp/ppa/ubuntu/dists/noble/InRelease: Signature by key 98703123E0F52B2BE16D586EF13930B14BB9F05F uses weak algorithm (rsa1024)
I already removed & re-added the jcfp PPA, but no solution.
@jcfp Tips?
(base) sander@macbuntu:~$ sudo apt upgrade
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
(base) sander@macbuntu:~$
(base) sander@macbuntu:~$ sudo apt update
Hit:1 http://nl.archive.ubuntu.com/ubuntu noble InRelease
Hit:2 http://nl.archive.ubuntu.com/ubuntu noble-updates InRelease
Hit:3 http://security.ubuntu.com/ubuntu noble-security InRelease
Hit:4 http://nl.archive.ubuntu.com/ubuntu noble-backports InRelease
Hit:5 https://dl.google.com/linux/chrome/deb stable InRelease
Hit:6 https://ppa.launchpadcontent.net/jcfp/ppa/ubuntu noble InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.
W: https://ppa.launchpadcontent.net/jcfp/ppa/ubuntu/dists/noble/InRelease: Signature by key 98703123E0F52B2BE16D586EF13930B14BB9F05F uses weak algorithm (rsa1024)
(base) sander@macbuntu:~$
The key used for signing the repo content on the PPA isn't under my control.
This is for Canonical to fix; the issue is on their radar and a fix apparently in the works, see:
https://discourse.ubuntu.com/t/new-requirements-for-apt-repository-signing-in-24-04/42854
https://answers.launchpad.net/launchpad/+question/809194
Clear. Thanks!
Based on https://ubuntuhandbook.org/index.php/2024/04/workaround-apt-warning-signature-key-uses-weak-algorithm/#:~:text=Or%2C%20just%20leave%20it%20blank%20so%20all%20the%20key%20algorithm%20trusted%20by%20GnuPG%20should%20be%20allowed%2C%20so%20it%20will%20be%3A , I created this file:
$ cat /etc/apt/apt.conf.d/99weakkey-warning
APT::Key::Assert-Pubkey-Algo "";
and the Warnings are gone.
Note to self: remove in a few months time
to remove the warnings, but just to one that's needed (not all, just in case)
$ cat /etc/apt/apt.conf.d/99weakkey-warning
APT::Key::Assert-Pubkey-Algo ">=rsa1024";
the above worked for me 👆🏿