6

I'm trying to use debootstrap to create a Debian Squeeze chroot (from Debian Squeeze (stable)), so I can install some no-longer-supported software. But I get an error:

```
$ sudo debootstrap --keyring=/usr/share/keyrings/debian-archive-keyring.gpg squeeze /srv/basket/ http://archive.debian.org/debian/
I: Retrieving InRelease
I: Retrieving Release
I: Checking Release signature
E: Release signed by unknown key (key id 64481591B98321F9)
$
```

The key exists, it's just expired:

```
$ gpg --search-keys 64481591B98321F9
gpg: data source: https://18.9.60.141:443
(1)     Squeeze Stable Release Key <[email protected]>
          4096 bit RSA key 64481591B98321F9, created: 2010-08-07, expires: 2017-08-05 (expired)
Keys 1-1 of 1 for "64481591B98321F9".  Enter number(s), N)ext, or Q)uit >
```

I can proceed by turning off gpg checking with --no-check-gpg, but is there a way to tell debootstrap to use the expired key? Or, what is the best way to proceed with as much security as possible?

1 Answer

12

If you give debootstrap the right keyring, it will use the expired key:

```
sudo debootstrap --keyring=/usr/share/keyrings/debian-archive-removed-keys.gpg squeeze /srv/basket/ http://archive.debian.org/debian/
```

An expired key can be used to verify signatures made before it expired.

Stephen Kitt
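The two outcomes discussed above (key missing from the keyring versus key present but expired) can be told apart from `gpgv --status-fd 1` output. This is an added example, not code from the answer or from debootstrap. The sample status lines, the placeholder fingerprint and the timestamps are constructed, and it assumes gpgv reports a `KEYEXPIRED` line alongside `EXPKEYSIG`.

```shell
#!/bin/sh
# Added example, not debootstrap's code. Reads `gpgv --status-fd 1` output on
# stdin, prints a verdict, returns 0 only if the signature is acceptable.
# Assumes the status stream describes a single signature.

is_epoch() { case $1 in ''|*[!0-9]*) return 1 ;; esac; }

classify_release_sig() {
    sig_ts='' key_exp='' nokey='' bad='' expkey=''
    while read -r prefix keyword a1 a2 a3 rest; do
        [ "$prefix" = "[GNUPG:]" ] || continue
        case $keyword in
            NO_PUBKEY)  nokey=$a1 ;;    # signing key is not in this keyring
            BADSIG)     bad=$a1 ;;      # data does not match the signature
            EXPKEYSIG)  expkey=$a1 ;;   # signature checks out, key has expired
            KEYEXPIRED) key_exp=$a1 ;;  # key expiry time
            VALIDSIG)   sig_ts=$a3 ;;   # args: fingerprint, date, timestamp
        esac
    done
    if [ -n "$bad" ]; then echo "bad-signature $bad"; return 1; fi
    if [ -n "$nokey" ]; then echo "unknown-key $nokey"; return 2; fi
    if [ -z "$sig_ts" ]; then echo "no-valid-signature"; return 1; fi
    if [ -z "$expkey" ]; then echo "valid"; return 0; fi
    # Expired key: require both times as epoch seconds (gpg can also print
    # ISO 8601 times, which this sketch rejects) and signing before expiry.
    if ! is_epoch "$sig_ts" || ! is_epoch "$key_exp"; then
        echo "expired-key-times-unknown $expkey"; return 1
    fi
    if [ "$sig_ts" -lt "$key_exp" ]; then
        echo "valid-signed-before-expiry $expkey"; return 0
    fi
    echo "signed-after-expiry $expkey"; return 1
}

# Constructed status lines (fingerprint and timestamps are placeholders).
FPR=0000000000000000000000000000000000000000
SAMPLE_WRONG_KEYRING='[GNUPG:] ERRSIG 64481591B98321F9 1 8 00 1394000000 9
[GNUPG:] NO_PUBKEY 64481591B98321F9'
SAMPLE_EXPIRED_KEY="[GNUPG:] KEYEXPIRED 1501891200
[GNUPG:] EXPKEYSIG 64481591B98321F9 Squeeze Stable Release Key
[GNUPG:] VALIDSIG $FPR 2014-03-05 1394000000 0 4 0 1 8 00 $FPR"

printf '%s\n' "$SAMPLE_WRONG_KEYRING" | classify_release_sig || true
printf '%s\n' "$SAMPLE_EXPIRED_KEY" | classify_release_sig || true
```

The signature time is a value written by the signer, so this check shows that the signature is consistent with the key's validity period rather than proving when the file was signed.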