Hello, the Ubuntu 14.04, 16.04, Debian 7/8 repos on http://download.bareos.org/bareos/release/16.2/ are now signed with digest algorithm SHA256. The apt warning message "... uses weak digest algorithm (SHA1)" should no longer appear.
On 04/02/2017 04:50 AM, Thomas Schweikle wrote: > The following signatures were invalid: > 0143857D9CE8C2D182FE2631F93C028C093BFBA2 > The following signatures were invalid: > 9FAA903F511D80A5BED65101A59EFE1D5A01E889 On which repo using what command did you get this message? > > Your signing keys use sha1. Keys using sha1 are rejected now, after > months of warning, by rpm and apt. > Regarding rpm: Which repo? More details would be helpful. If you are talking about http://download.bareos.org/bareos/experimental/nightly/ it's still using a DSA GPG Key, it will get a RSA Key and SHA256 signatures within this week. Regards, Stephan -- Stephan Dühr stephan.du...@bareos.com Bareos GmbH & Co. KG Phone: +49 221-630693-90 http://www.bareos.com Sitz der Gesellschaft: Köln | Amtsgericht Köln: HRA 29646 Komplementär: Bareos Verwaltungs-GmbH Geschäftsführer: S. Dühr, M. Außendorf, J. Steffens, Philipp Storz -- You received this message because you are subscribed to the Google Groups "bareos-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to bareos-users+unsubscr...@googlegroups.com. To post to this group, send email to bareos-users@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
