Re: apt-get and authentication
marc wrote: Thanks for advertising apt-key's existence :-o It might also help folk to know about man apt-secure. That said, I couldn't work out what steps I am supposed to take from those man pages. W: GPG error: http://secure-testing.debian.net etch/security-updates Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 946AA6E18722E71E Take the last 8 digits- ~# gpg --keyserver pgp.mit.edu --recv-keys 8722E71E ~# gpg --armor --export 8722E71E | apt-key add - Be sure to open your firewall to port 11371 so gpg can talk to the key server. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: apt-get and authentication
On Sun, Oct 23, 2005 at 02:09:19PM +0100, marc wrote: Ephemeral root said... Quoting Rick Pasotto [EMAIL PROTECTED]: Why has apt-get started giving me this message: WARNING: The following packages cannot be authenticated! That's part of apt 0.6's new security feature. You must add to your apt set-up the gpg public key of the archives where you downloaded the packages. I think this has already been done for you if you download only official Debian packages. I think that this change has been very badly managed. I saw these messages and had no idea what had changed and what was required of me to correct the problem. Worse, there is no reference to apt-key in the man pages of aptitude or apt-get, which is where, I suspect, most folk would first look for clues. Neither was there an announcement in debian.user.news For adding the keys of unofficial sites, read the man page, Thanks for advertising apt-key's existence :-o It might also help folk to know about man apt-secure. That said, I couldn't work out what steps I am supposed to take from those man pages. I hope my explanation doesn't read like a man page. Not all all. It was clear, precise and understandable on first reading, without references to a minimum of a dozen documents of required reading, usually recursively, before being remotely comprehensible. But I suspect that you were writing for an audience of human beings :-) Now, does anyone know what actions we are supposed to take? This seems to have worked for me: apt-get install debian-keyring -- To be without a plan is the true genius and glory of the antislavery movement. The mission of that movement is to preach eternal truths, and to bear witness to everlasting testimony against the giant falsehoods which bewitch and enslave the land. -- Nathaniel Peabody Rogers Rick Pasotto[EMAIL PROTECTED]http://www.niof.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
apt-get and authentication
Why has apt-get started giving me this message: WARNING: The following packages cannot be authenticated! -- Man is the only animal that contemplates death, and also the only animal that shows any sign of doubt of its finality. -- William Ernest Hocking Rick Pasotto[EMAIL PROTECTED]http://www.niof.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: apt-get and authentication
Quoting Rick Pasotto [EMAIL PROTECTED]: Why has apt-get started giving me this message: WARNING: The following packages cannot be authenticated! That's part of apt 0.6's new security feature. You must add to your apt set-up the gpg public key of the archives where you downloaded the packages. I think this has already been done for you if you download only official Debian packages. For adding the keys of unofficial sites, read the man page, or better, google for apt-key. This assumes of course the maintainer signs his unofficial archive by creating the necessary Release (md5sum and sha1sums of the available packages) and Release.gpg (the detached gpg signature of the Release file). You can also try to create the Release and Release.gpg files yourself by using apt-ftparchive. But that's a longer story (one that took me three days of googling to figure out). I hope my explanation doesn't read like a man page. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
