Hi,
On Sat, Jan 07, 2006 at 01:49:21PM +0100, Hans wrote:
> are there no pgp keys for testing or unstable ? Why will apt-get update do
> not update the keys ? Any clue ?
apt-get update should never ever update the keys automagically.
There is you (The Administrator) who declare trusted sites.
apt-get update can only refetch the {Release,Package,Source}.gpg and check
signatures.
Warnings you got from apt-get update just says that those repositories
are not trusted.
To trust declare the repository as trusted just should fetch a key
for the repository, make sure it is a valid key then run apt-key add.
For example, to make an official Debian repository trusted you should run:
wget http://ftp-master.debian.org/ziyi_key_2006.asc
apt-key add ziyi_key_2006.asc
If you just want to declare a repository as trusted just run:
gpg --recv-key KEY_ID && gpg -a --export KEY_ID | apt-key add -
where KEY_ID is a string after NO_PUBKEY. For example for Blackdown
at ftp.gwdg.de you should replace KEY_ID with BB5E459A529B8BDA.
And last but not least.
To be precise: by adding a key to apt-get keyring you will trust
_all_ repositories signed with this key.
> W: GPG error: ftp://debian.tu-bs.de testing Release: The following signatures
> couldn't be verified because the public key is not available: NO_PUBKEY
> 010908312D230C5F
pub 1024D/2D230C5F 2006-01-03 [expires: 2007-02-07]
uid Debian Archive Automatic Signing Key (2006) <ftpmaster@debian.org>
Well, you have a 32bit Debian on your box, isn't it?
Only officially released architecures are signed with
Debian Archive Automatic Signing Key. This key is change every year and you
should check http://ftp-master.debian.org/ for updates.
AMD64 is not yet a part of official Debian release and it is
signed with different key you can fetch from:
ftp://debian.tu-bs.de:/debian-amd64/archive.key
Best regards
Artur
--
Tata: Jak się nazywasz?
Synek: Igor spacja Sapijaszko.
Attachment:
signature.asc
Description: Digital signature