On 1/19/24, Max Nikulin <maniku...@gmail.com> wrote: > Precise steps > depend on degree of your paranoia.
... and mine is of the totally irrevocable, even joyful kind; so, where are the steps? I have always believe that Debian’s basic assumptions about using the Internet as a relatively secure, “private” venue are definitely more worryingly irrational than my paranoia. I think at some point I will have to learn more about Debian’s apt utility. Any documentation you would suggest explaining it all from the protocoled structure of deb packages to the various installation procedures depending on degree of paranoia? When I learn something I like to learn all of it. I tend to only mind what I am working on. I would just use an unexposed computer and/or do things by hand/on paper if possible, but you can’t do algorithmic simulations and tests by hand. lbrtchx On 1/19/24, Max Nikulin <maniku...@gmail.com> wrote: > On 18/01/2024 12:45, Albretch Mueller wrote: >> On 1/14/24, Max Nikulin wrote: >>> Generally just pay attention that GPG keys for repositories are obtained >>> through trusted channels. >> >> How do you functionally (that is, give me the step-by-step command >> line statements, ... in order to) do that? > > Verify installation (or live) image to have initial keyring > > https://lists.debian.org/msgid-search/uobl6l$i21$1...@ciao.gmane.io > Re: Correction to last message for Debian 11 and Debian 12. Thu, 18 Jan > 2024 23:55:48 +0700. > > Optionally install necessary keyring packages. > > When adding a third-party repository, evaluate that GPG key you are > going to add really belongs to repository maintainers. Precise steps > depend on degree of your paranoia.