Hi, Florian Weimer wrote: > Currently, two approaches exist. "apt-get update && apt-get upgrade" > is convenient but insecure (susceptible to MITM attacks), and the > official way (verify DSA signature, download .debs with wget, compare > md5sums, install via dpkg) is tedious. What about using the apt-check-sigs script provided by aj (http://people.debian.org/~ajt/apt-check-sigs)? - Alexander -- "Real men don't take backups. They put their source on a public FTP-server and let the world mirror it." -- Linus Torvalds
Attachment:
pgpn2Oiv_EJAi.pgp
Description: PGP signature