Copy PPA signing key to multiple private PPA

Asked by Philip Roche on 2021-03-25

A signing key from PPA has been added to a chain of trust to allow for installation of kernel modules built in that PPA when using secure boot.

We now have new PPAs which build new versions of those packages and kernel modules but are not using signing keys that are part of the chain of trust.

Please can the signing key from be copied to the following new private PPAs


Both apw and vorlon have +1'd this request.

Question information

English Edit question
Launchpad itself Edit question
No assignee Edit question
Last query:
Last reply:
Andy Whitcroft (apw) said : #1

+1 to using a common key in all of these build PPAs.

Colin Watson (cjwatson) said : #2

We'll need to add a --force or --overwrite or similar option to our copy-signingkeys script first, since it sounds as though kmod signing keys were already autogenerated for them.

Added the "--overwrite" option here:

This should reach production soon, and then we will be able to do the copy.

philroche / apw,

the kmod key from ~nvidia-modules-private/ubuntu/gke was copied successfully to the requested archives.

Let us know if you have any problem.

Can you help with this problem?

Provide an answer of your own, or ask Philip Roche for more information if necessary.

To post a message you must log in.