9

I just read αғsнιη's answer on What causes Pinta to crash instantly when I begin image selection?

But what does the first line of the solution mean?

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF

I have never encountered this command before. Is it safe to use?

Kulfy
  • 17,696
newandlost
  • 213
  • 1
  • 2
  • 5

1 Answers1

10

The apt-key's manual explains this well.

adv
   Pass advanced options to gpg. With adv --recv-key you can e.g.
   download key from keyservers directly into the trusted set of keys.
   Note that there are no checks performed, so it is easy to
   completely undermine the apt-secure(8) infrastructure if used
   without care.

You're actually telling apt-key to receive 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF key from keyserver.ubuntu.com and add that to trusted set of keys.

One should add key using advance options with apt-key only if the keyserver is trusted since the system assume that the user themselves trust the keyserver.

Manuel Jordan
  • 1,768
  • 7
  • 30
  • 50
Kulfy
  • 17,696
  • 1
    Ah ok thanks a lot guess .ubuntu.com is trustworthy. How can I figure out the key of the server? Is it a ssh public key? – newandlost Jul 17 '20 at 13:38
  • 1
    @newandlost The key is fetched from server using HTTP Keyserver Protocol (HKP). – Kulfy Jul 17 '20 at 16:17