verification of packages with gnupg/apt-key

To: Debian AMD64 <debian-amd64@lists.debian.org>
Subject: verification of packages with gnupg/apt-key
From: Andrei Mikhailovsky <andrei@arhont.com>
Date: Wed, 29 Jun 2005 12:52:47 +0100
Message-id: <[🔎] 1120045967.7360.13.camel@whale.core.arhont.com>
Reply-to: andrei@arhont.com

Hello debian fellows.

Sinc the update of apt to 0.6.x with the support of package verification
using gnupg, I was wondering if this has been built into the packages
that are stored in debian amd64 repositories? I've tried to implement
this feature on my amd64 box. After fixing couple of issues with apt-key
(linking /usr/share/keyrings/ with ln -s debian-keyring.gpg
debian-archive-keyring.gpg, etc..) I've found out that there are more
issues to package verification.

The apt-check-sigs is failing to verify quite a few things:

Source: deb http://amd64.debian.net/debian-pure64/ sid main contrib
  o Origin: Debian/Debian AMD64 archive
  o Suite: unstable/sid
  o Date: Wed, 29 Jun 2005 00:12:54 UTC
  o Description: Debian AMD64 archive - Unstable Development Version
  o Signed by: Debian AMD64 Archive Key <debian-amd64@lists.debian.org>
  * PROBLEMS WITH main (MISSING 3fec79394cb72698125030bf546aa8d4 97,
MISSING 12bb516135b4fe217e9ec11556b484cd 13434988)
  * PROBLEMS WITH contrib (MISSING dbfef483032b40f05c87c7f4d9d81525 100,
MISSING 6c9ee6eaf99f8e46f24d21ff8ee0cf99 199770)

....

The following files in /var/lib/apt/lists have not been validated.
This could turn out to be a harmless indication that this script is
buggy
or out of date, or it could let trojaned packages get onto your system.


amd64.debian.net_debian-pure64_dists_sid_contrib_binary-amd64_Packages.FAILED
amd64.debian.net_debian-pure64_dists_sid_contrib_binary-amd64_Release.FAILED
amd64.debian.net_debian-pure64_dists_sid_contrib_source_Release.FAILED
amd64.debian.net_debian-pure64_dists_sid_contrib_source_Sources.FAILED
amd64.debian.net_debian-pure64_dists_sid_main_binary-amd64_Packages.FAILED
amd64.debian.net_debian-pure64_dists_sid_main_binary-amd64_Release.FAILED
amd64.debian.net_debian-pure64_dists_sid_main_source_Release.FAILED
amd64.debian.net_debian-pure64_dists_sid_main_source_Sources.FAILED



Has anyone anyone manage to make verification of packages/Release files
work under amd64?

Many thanks for any help

--
Andrei

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Re: verification of packages with gnupg/apt-key
  - From: lsorense@csclub.uwaterloo.ca (Lennart Sorensen)
- Re: verification of packages with gnupg/apt-key
  - From: Martin Dickopp <martin@zero-based.org>

Prev by Date: Re: Checkpoint Firewall Client on AMD64
Next by Date: Re: verification of packages with gnupg/apt-key
Previous by thread: Re: Checkpoint Firewall Client on AMD64
Next by thread: Re: verification of packages with gnupg/apt-key
Index(es):
- Date
- Thread