W: http://apt.insync.io/debian/dists/buster/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
when running apt update.
Now we are supposed to download the signature file, add it to a local directory, and point to the correspond signature file in the sources.list entry. (See, for instance, this post.)
Indeed, I think we need a more permanent solution.
Although @bayindirh suggestion should work (thanks for pointing it out!), it is not the recommended way to deal with keys moving forward, if I understand it correctly.
Keys in /etc/apt/trusted.gpgp.d should also be moved to another location (it seems that /usr/local/share/keyrings is a common suggestion), with one file for each repository, and the corresponding key file added to each corresponding list file in /etc/apt/sources.list.d.
For now, here is something I believe could be done to set it up properly:
Use apt-key list to find all entries in /etc/apt/trusted.gpg.
Make a copy of this file (in the new directory for the keyrings) for each one of the entries. Name accordingly, like insync.gpg for the InSync keyring.
For each one of these files, remove all other entries but the one for it using apt-key del. This leaves only the one key for the particular repository.
For each of these new key files, add the correspond keyring to the sources list file for the corresponding repository.
Right now, for me at least, only InSync has no file already provided. (If all your sources provide with their corresponding key file, you can just delete trusted.gpg and add the new files to the new keyring directory.)
Hey @Danilo_Arantes! I appreciate you for sharing the workaround for this issue! Let me send this to our engineer for reference while we continue working on the more permanent fix.