|
|
Secure Apt and the Emdebian ArchiveApt has supported GnuPG signatures on repository
$ gpg --fingerprint 0x97BB3B58
pub 1024D/97BB3B58 2007-04-30
Key fingerprint = 3EC0 AFB9 4A84 5900 282E 7A55 B5B7 7200 97BB 3B58
uid Emdebian Archive Signing Key
sub 2048g/FEFD537E 2007-04-30
This key is included in the emdebian-archive-keyring package and configured for you during package installation. $ sudo apt-get install emdebian-archive-keyring Alternatively, you can configure the key yourself using the instructions below. $ gpg --recv-key 0x97BB3B58 $ gpg --fingerprint 0x97BB3B58 Alternatively, you can download the key direct from this server. Verify the fingerprint of your copy of the key against the fingerprint above and then check the signatures on the key: $ gpg --recv-key 0x28BCB3E3 0x174FEE35 0xA897FD02 $ gpg --check-sigs 0x97BB3B58 If all checks out, add 0x97BB3B58 to apt: $ gpg -a --export 0x97BB3B58 > emdebian.key $ sudo apt-key add emdebian.key $ sudo apt-get update The main advantage of importing the Emdebian key into apt-key is that packages from Emdebian can then be upgraded automatically without halting for confirmation due to otherwise unverifiable packages. The key authenticates the repository to apt and is used to ensure that the Release file in the repository is genuine. More information on Secure Apt. |
Last Modified: Wed, Apr 2 02:00:15 UTC 2008
Copyright © 2000-2008
The Embedded Debian Project;
Emdebian is an offical subproject of Debian.
