2007/8/22, Kamaraju S Kusumanchi <[EMAIL PROTECTED]>: > > Hi > I have access to two machines - say machine A, machine B. On machine A > when I build a package, I can automatically sign the package as needed. > However now I am sitting at a friends machine (machine B) and built a > package using pdebuild. But I am not sure how to sign this package. The > errors from pdebuild are > > pbuilder-time-stamp: 1187760442 > signfile /home/raju/pbuilder/result/texmacs_1.0.6.10-2.dsc Kamaraju > Kusumanchi <[EMAIL PROTECTED]> > gpg: skipped "Kamaraju Kusumanchi <[EMAIL PROTECTED]>": secret key not > available > gpg: [stdin]: clearsign failed: secret key not available > debsign: gpg error occurred! Aborting.... > > What should I do? Should I copy the secret key from machine A to machine > B? > or should I copy the .dsc, .changes files from machine B to machine A and > sign there? I looked in maint-guide, developers-reference, > debian-reference > but could not find any suggestions there.
I would recommend you not to copy your secret key to your friend's machine. A secret key is something to keep safe and secret. It would be much better to move the files to your machine and sign the packages there, or to carry your secret keys in a USB device, possibly encrypted just in case you lose it, and just using it in machines you can trust. Miry
