Hi, I'm running a (quite) up to date testing and recently I stumbled upon
$ sudo apt update ... Err:8 http://fam-tille.de/debian local InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 578A0494D1C646D1 ... W: GPG error: http://fam-tille.de/debian local InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 578A0494D1C646D1 E: The repository 'http://fam-tille.de/debian local InRelease' is not signed. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. I have some packages for my own use (I mean there is no reason to expect that someone wants to pull things from there) on my private web page which I signed with my Debian key. This was working up to recently with apt-key. Since this was not working any more I tried to follow the advise given in the error message and started reading apt-secure(8) where I just found a hint to apt-key which is deprecated. IMHO users who are using third party repositories will get a broken system after upgrading to Debian 11 and there is no helpful hint given how to fix it. BTW, I did some apt-key del 578A0494D1C646D1 added my key to /etc/apt/trusted.gpg.d/fam-tille.gpg and added an according [signed-by=/etc/apt/trusted.gpg.d/fam-tille.gpg] option to the sources.list line ... and it does not yet work. So I think it is critical to point to a solution that *really* works. Due to potential breaking user systems I wonder if someone agrees with bumping the severity of the bug to serious. Kind regards Andreas. -- http://fam-tille.de
