First find the key in the old location
apt-key list | grep -A4 "trusted.gpg$"
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8))./etc/apt/trusted.gpg
pub rsa2048 2012-06-17 [SC]
CF8A 1AF5 02A2 AA2D 763B AE7E 82B1 2992 7FA3 303E
uid [ unknown] Raspberry Pi Archive Signing KeyWhat you need from this is the last 8 characters of the long hexadecimal number, without the spaces. In this case, 7FA3303E. Then you export the key to a temporary file.
apt-key export 7FA3303E | sudo gpg --dearmor -o /tmp/raspi.gpg
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).This should have created a file /tmp/raspi.gpg with the key in.
file /tmp/raspi.gpg
/tmp/raspi.gpg: PGP/GPG key public ring (v4) created Sun Jun 17 15:49:51 2012 RSA (Encrypt or Sign) 2048 bits MPI=0xabc2a41a70625f9f…Now delete the old key.
apt-key del 7FA3303E
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OKAnd finally put the new key in place.
Code: Select all
mv /tmp/raspi.gpg /etc/apt/trusted.gpg.d/raspberrypi-bookworm-stable.gpgThe reason for doing the steps in this order is that otherwise the new key gets deleted as well as the old one.