Skip to content

[Feature request] Display repository GPG key (signed-by) in Software Sources#279

Open
SanAndreyas wants to merge 3 commits into
linuxmint:masterfrom
SanAndreyas:patch-1
Open

[Feature request] Display repository GPG key (signed-by) in Software Sources#279
SanAndreyas wants to merge 3 commits into
linuxmint:masterfrom
SanAndreyas:patch-1

Conversation

@SanAndreyas

@SanAndreyas SanAndreyas commented Jul 2, 2026

Copy link
Copy Markdown

Resolves #268

Since APT now recommends per-repository GPG keys using the signed-by= directive (stored in /usr/share/keyrings/), the Software Sources tool no longer shows any authentication keys, even though they are correctly configured and used by APT.

This can be confusing for users, especially those who added third-party repositories manually and want to audit or verify their system configuration.

Suggested improvement
For each enabled repository, display (read-only):

GPG key file used (signed-by=…)
Key fingerprint (optional)
Key location (/usr/share/keyrings/…)
Status (key present / missing)
This information could be shown in an “Advanced” or “Details” view to keep the UI simple for non-technical users.

Benefits

Improves transparency and trust in third-party repositories
Aligns the GUI with modern APT security practices
Helps users audit and reproduce clean system installations
Reduces confusion caused by the now-empty “Authentication keys” section

replace apt-key with a script replacing add, del and list commands for Debian 13 or later.
apt key functionality for Debian 13+
@SanAndreyas SanAndreyas changed the title [Feature request] Display repository GPG key (signed-by) in Software Sources #268 Resolves #268 Jul 3, 2026
@SanAndreyas SanAndreyas changed the title Resolves #268 [Feature request] Display repository GPG key (signed-by) in Software Sources Jul 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[Feature request] Display repository GPG key (signed-by) in Software Sources

1 participant