Não se preocupe com essa saída.
Embora o GPG imprima o keyid obsoleto, o apt-add-repository está realmente buscando a chave usando sua impressão digital de 160 bits. (A impressão digital parece ser obtida por HTTPS).
def verify_keyid_is_v4(signing_key_fingerprint):
"""Verify that the keyid is a v4 fingerprint with at least 160bit"""
return len(signing_key_fingerprint) >= 160/8
class AddPPASigningKey(object):
" thread class for adding the signing key in the background "
GPG_DEFAULT_OPTIONS = ["gpg", "--no-default-keyring", "--no-options"]
def __init__(self, ppa_path, keyserver=None):
self.ppa_path = ppa_path
self.keyserver = (keyserver if keyserver is not None
else DEFAULT_KEYSERVER)
def _recv_key(self, keyring, secret_keyring, signing_key_fingerprint, keyring_dir):
try:
# double check that the signing key is a v4 fingerprint (160bit)
if not verify_keyid_is_v4(signing_key_fingerprint):
print("Error: signing key fingerprint '%s' too short" %
signing_key_fingerprint)
return False