Hi,
wget -qO-https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E88... | gpg --dearmor | tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null
Is the name important?
I assume it's Debian? The onfiguration of the signing key and the repo is configured in Debian (and Ubuntu?) via source.list, see $man 5 sources.list.
In most cases this will look something like this: $ cat /etc/apt/sources.list.d/tor.list
deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org bookworm main deb-src [signed-by=/etc/apt/trusted.gpg.d/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org bookworm main
You can place the key anywhere that ‘apt’ can access, you only need to change the path in the source file.
Note, however, that for keys that are not managed by a package or the package manager itself, they should be stored either in /usr/share/keyrings or /etc/apt/keyrings.
however, you can also overwrite the existing key. I'm not a fan of this and still keep all (old) versions in the keyring..
Since you are all tinkering with your servers anyway, why don't you try deb822-style ;-)
$ cat /etc/apt/sources.list.d/tor.sources
Types: deb deb-src URIs: tor+http://apow7mjfryruh65chtdydfmqfpj5btws7nbocgtaovhvezgccyjazpqd.onion/torpro... URIs: https://deb.torproject.org/torproject.org Suites: bookworm Components: main Architectures: amd64 Signed-By: /etc/apt/keyrings/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.gpg
Ahoy, Martin